At the annual eDiscovery Institute conference yesterday, Susan Wortzman spoke about eDiscovery and Information Governance issues in the news. The panel also featured Iris Fischer from Blakes and John Ratchford of Navigator Ltd. Mr. Ratchford mentioned a survey his firm conducted last year that asked Canadians about how well they believed their personal information was being protected by retailers, financial institutions, technology providers and government agencies. The findings were interesting.
Almost three-quarters of those asked were not only aware of recent cyber-attacks, but could name specific North American retailers and Canadian government agencies that had been subjected to a data breach. The fact that specific data breaches were recalled shows that cybersecurity is of major concern to the general public.
Retailers were clearly held accountable by consumers, In the case of stolen credit cards, for instance, while most people conceded that the criminal hackers were primarily responsible for the breaches, 65% also assigned blame to the retailers rather than the banks, payment systems or credit card issuers whose technology was actually compromised.
Although survey respondents are concerned about organizations that hold their more detailed private information, such as government agencies and banks, the vast majority of them were confident that these organizations had sufficient security processes in place to safeguard the data.
Almost two-thirds of the people said that the government should impose much stricter rules around the security of personal and customer information held by others. They also want immediate public disclosure of any compromising of their data.
Protecting data is certainly important. However, as we have often said, walls can and will be breached. When this occurs, having an information governance and cybersecurity response plan in place will address the immediate demand from the public for disclosure and remediation, and may even keep your organization out of the headlines.