A significant number of businesses in the UK are not adequately prepared to deal with a major data breach, with many firms lacking key aspects of a response plan and over a third not having any such solutions in place.
This is according to research by Experian, which found 34 per cent of organisations in the UK do not have a response plan, despite the fact one in five businesses have suffered such an incident in the past two years.
Even among companies that do have processes in place for reacting to a breach, many plans are lacking essential elements to mitigate problems. For instance, some 37 per cent of companies have not considered including digital forensics in their solutions, while less than half of businesses (43 per cent) are insured for any losses they may incur as a result of cyber crime.
What's more, although more than four out of five businesses (81 per cent) are worried about the financial implications of a data breach, only a third have set aside a specific budget to deal with any issues.
Other problems identified by Experian include a lack of procedures for reporting lost data or devices. Almost four out of ten businesses (39 per cent) said they did not have such processes.
Meanwhile, nearly a quarter of plans do not include specialist crisis communications (23 per cent) or legal support (27 per cent).
Commenting on the findings, managing director at Affinity Experian Consumer Services Amir Goshtai said that the prevalence and severity of data breaches is only likely to increase in the coming years.
"When coupled with the potential for greater regulation, increased consumer awareness and widespread media coverage, it has never been more important for organisations to be well prepared," he continued. "And at the heart of any plan needs to be an unwavering focus [on] minimising the impact on their customers."
The research revealed four out of ten Brits have been affected by a data breach, while 64 per cent say they are concerned about falling victim in the future. And with concerns about their data falling into the wrong hands high, consumers are not likely to be forgiving of any firm that mishandles their information.
Indeed, 84 per cent of Brits said that companies should face penalties if they compromise their customers' personal information, while 83 per cent called for tougher regulations to better protect consumers.
Four out of five respondents stated they would lose faith in an organisation that lost their personal data, while two-thirds said they would advise friends and family against doing business with them and 63 per cent adding they are likely to withdraw their own custom.
But despite this, many firms are failing to recognise the risks or take steps to mitigate them.
Less than half of organisations (47 per cent) would notify customers as quickly as possible following a data breach, while only one in five (21 per cent) would offer identity protection tools to existing customers and just one in ten would offer a free credit monitoring service to help protect consumers who may be at risk of identity theft as a result of leaked personal data.