Companies in Denmark and the Netherlands have the next highest level of data breaches, at 94 per cent, according to a study by Lloyds of London.
Italian firms fare best, with 80 per cent of companies experiencing a data breach. Despite these figures, the research also finds that only 42 per cent of companies are worried about suffering another breach in the future.
Ross Brewer, VP and MD of international markets, at LogRhythm says that the research comes as little surprise, as it’s becoming clear from current media headlines just how badly some organisations are failing when it comes to cyber defences.
‘The bottom line is that today’s hackers are so advanced that they will eventually get into their target networks, which probably explains the high number of breached organisations,’ he adds.
‘Focus must now shift to what they are doing while on those networks and putting measures in place to stop them as soon as possible, as this is where the damage can be greatly limited. The fact that so few businesses are concerned about a secondary breach could worryingly suggest that they are placing too much confidence in the reactive security systems that they deployed after the first.’
With the European General Data Protection Regulation (GDPR) coming into force in just a couple of years, there really is no room for complacency, Brewer adds.
A big problem today is that businesses are taking far too long to identify that they have been breached, which means hackers have time to roam the network and take what they want undetected, he says.
‘Indeed, there will be a large number of organisations unaware that they have been, or are being, attacked at any given time. GDPR, however, will force organisations to comply with a mandatory data breach notification window, which places additional pressure on businesses to spot and disclose a breach within 72 hours.
‘This necessitates a deep understanding of all activity happening across their entire network, at all times. Businesses across Europe cannot be complacent and instead must take advantage of security intelligence and analytics, boosting their investment in full threat detection and response capabilities.’