New research has claimed that an alarming amount of organisations have not allocated specific budget for information security and data protection.
A survey by Mimecast found that a fifth of organisations do not have a dedicated budget set aside for these areas, raising serious questions about how seriously they are taking the issue.
The findings are particularly worrying given many businesses appear unable to monitor their own security protection effectively. 15 per cent of organisations surveyed said that they did not know whether they had suffered a data loss incident in the last 12 months, and more than a quarter (27 per cent) blamed human error for previous data loss.
With just a matter of months before the new GDPR rules come into force, many of the businesses surveyed were found to be somewhat behind in terms of their preparation.
Just under half (44 per cent) of the UK organisations surveyed believe their email system contains personal and sensitive data as defined by the EU GDPR, however only 17 per cent are confident they could retrieve this personal or sensitive data immediately, with the average number of hours it would take for UK organisations to find and retrieve personal or sensitive data clocked at eight hours.
Mayur Pitamber, cyber resilience expert at Mimecast, said that the survey clearly showed that more needs to be done to stop human error resulting in data loss.