Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites.
Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. For avoidance of any doubts and to make it easier, you may consider any links to external websites as sponsored links. Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


For third year running, UK firms less prepared for information risk than European average

According to the latest Information Risk Maturity Index from Iron Mountain and PwC, firms in the UK have fallen behind their European counterparts when it comes to managing and responding to information risk.

Despite a string of high-profile data breaches and upcoming reforms to data protection legislation coming out of the European Parliament, the results from the 2014 Index show UK mid-market firms score 55.9 out of an ideal score of 100, five points below the leading European country Hungary which had a score of 60.2. This is only marginally better than the UK’s 2013 score of 55.4, illustrating the plateau that businesses appear to have reached and the difficulty many now face in becoming fully equipped for risk.

The annual index measures how prepared companies are to address key information trends against a target of 100. For the third year running, UK mid-market firms have fallen short of achieving the European average set by the Netherlands, Hungary, Germany, UK, France and Spain.

Phil Greenwood, Commercial Director at Iron Mountain, said: “UK firms have some way to go if they are to catch up with their European counterparts. For the third year running they have failed to match the average European score. It is critical that companies address this if they are to adopt a responsible-yet-proactive approach to information risk and value, not just to protect the business, but to help it thrive.”

Based on the findings of the Information Risk Maturity Index, Iron Mountain has identified a set of steps and actions to help businesses improve their data security:

  • Step 1: Make information risk a boardroom issue– ensure that it is a permanent point on the Board’s agenda, that there is a senior individual on the Board responsible for it, and that it is embedded into how the Board monitors overall corporate performance.
  • Step 2: Change the workplace culture– design and deliver information security awareness programmes, have the right guidance available for every person at every level, and reward and reinforce good behaviours throughout the organisation, from the most junior to the most senior employee.
  • Step 3: Put the right policies and processes in place– and ensure these cover all information formats (electronic, paper or media). Also, define any vulnerabilities relating to manual information handling, establish whistle blowing protocols, and review and test all systems and processes on a regular basis.

A summary of the report, Beyond Good Intentions: The need to move from intention to action to manage information risk, can be found at www.ironmountain.co.uk/risk-management.