United Kingdom

The 'Black Sheep': Data security 

David Elms, Head of Media at KPMG in the UK, questions whether media organisations are doing enough to safeguard their consumer data
The 'Black Sheep': Data security

Black SheepThis category, fondly named the ‘black sheep’, talks of the issue often overlooked by leadership teams. In the media and publishing world, I believe this issue to be data security. In an industry where data is ubiquitous, it is generally accepted that information security should be addressed in the boardroom, but whether organisations are doing enough to safeguard their consumer data remains very much in question.


I wonder how many incidents will need to hit the headlines before data security climbs the executive agenda. After all, the worldwide rate of data loss is accelerating. A recent study by KPMG revealed a 40 percent increase in external incidents; affecting 160 million people in 2012. Slicing the findings by sector; the media industry accounted for 8.3 per cent of all incidents; of which 93 per cent were attributed to hacking.


The recent flurry of high-profile cases has highlighted some of the consequences; reputational damage, financial penalties, falling share prices and consumer backlash. So why aren’t organisations tackling this issue with more urgency and purpose? The answer, in my opinion, is fear. Too many organisations are hesitant to lift the lid on Pandora’s Box and face the complexities of technology risk… at least until something goes awry.


This may explain why negligence is the main cause of a data breach. Organisations appear to be detached from the sheer volume of sensitive data in their keep - or indeed the associated level of risk. Ignorance isn’t always bliss. Clear winners will surely be those who ‘invest a penny to save a pound’; taking steps to understand the risks and implement more rigorous policies that are fit-for-purpose in today’s digital world.


Emerging from the downturn, many organisations are looking to sustain rather than evolve their information technology but it is important to acknowledge the value of corrective care. As technology grows ever more pervasive, the risks will only become greater and more complex. In my opinion, data security is not so much the banana skin as the proverbial wolf at the door - and the responsibility should not be shouldered by IT alone.


We are working with clients to implement robust security measures that can simultaneously increase protection and reduce vulnerability. Our team of 150 specialists understand the changing landscape of technology risk and deliver highly sophisticated programmes to collect, manage, secure and encrypt data effectively. 


Previous: The Quick Fix


What's your view?