www.canadiansecuritymag.com

News Data Security
Canadian businesses fail to prioritize data protection: Shred-it study


June 17, 2019
By CS Staff

Topics

OAKVILLE, Ont.—Information security and document destruction firm Shred-it has released its annual report on data protection, revealing what it calls an overly optimistic perception of information security practices within Canadian businesses at all levels.

The Data Protection Report, formerly known as “The Security Tracker: State of the Industry Report,” found that Canadian businesses must take a closer look at their current data protection policies and more heavily invest in security, otherwise they risk a negative impact to the bottom line and a potential talent retention issue.

The survey findings, conducted by Ipsos, revealed the following:

    • Companies believe they are improving at protecting sensitive information, however consumers feel less confident that their data security is taken seriously. In fact, consumers are twice as likely to report that their personal data security has declined (50% less secure), as opposed to improved (23% more secure), compared to ten years ago;
    • C-Suite and small business owners (SBOs) recognize data security risk, but underestimate the consequences. Although the majority of C-Suites (66%) confirm they are likely to report a data breach over the next five years, many (47%) report that data breaches are “no big deal” and that they are “blown out of proportion”;
    • While executives trust their employees completely, the study confirms that human error is often the main cause of a data breach. The survey found that 52% of C-Suites, and 40% of SBOs, report human error or accidental loss by employee/insider to be the main cause of a data breach.

“The findings of this year’s report should act as a wake-up call for Canadian business leaders,” said Pete Vincett, vice-president of Stericycle Canada, provider of Shred-it information security solutions, in a prepared statement. “One data breach can have a devastating impact across all aspects of a business. Canadian C-Suite’s and SBOs need to rethink their current practices and take action to implement stronger precautionary measures, or suffer the financial and reputational repercussions.”

The study also revealed the need for Canadian businesses to take a more consumer-centric approach when thinking about the reputational value of strong data security—most specifically, with millennials:

  • The majority (63%) of consumers are concerned that their private and personal information in paper format is “out there” and 82% of consumers believe that a data breach is a “big deal”;
  • Only 34% of C-Suites and SBOs report that their organization would lose trust if they suffered a data breach, yet millennials (ages 18-34), who make up the dominant consumer pool, are less forgiving and would be most likely to lose trust (43% vs. 33% 35+), seek compensation (33% vs. 18%) and tell others about a breach (39% vs. 29%).