The latest figures show that organisations and firms based in the UK are far better equipped to protect personal information and sensitive data than their European or American counterparts.
The number of firms achieving accreditation under the ISO 27001 data loss prevention standards in the UK is higher than in many other global markets, showing that there is a positive approach towards meeting recognised rules relating to data protection policies.
444 businesses and organisations in the UK have attained accreditation under the ISO 27001 standards, which places the country second in the world, with only Japan’s business community demonstrating greater compliance. Two of the world’s largest economies, Germany and America, have just 137 and 96 firms meeting the ISO 27001 requirements respectively.
Data storage and security experts believe that there is a disparity between the number of UK firms that have clearly shown support for the ISO 27001 standards in creating data protection policies which stand up under its scrutiny and the volume of reports which suggest that the uptake of compliance measures is inadequate and slow.
ISO 27001 has its origins in the UK and the figures for UK firms in compliance are perhaps lower than the real numbers because firms are failing to notify the authorities once they meet the requirements, according to data security consultant Stuart Bonell.
ISO 27001 accreditation is not managed centrally, but rather by third party firms that carry out the process on behalf of the ISO. The differing levels of compliance and the varying stages of the conformity process can also lead to significant differences in the real level of security between two different firms, according to analyst Bob Tarzey.
Some believe that security vendors are creating an atmosphere of suspicion and unnecessary fear within the UK industry in order to sell their products. It is thought that pushing for tougher and tougher regulations will always leave some firms behind and will render previously respected regulations worthless in the longer term.
It is believed that about 40 per cent of UK firms are attempting to achieve compliance with ISO 27001 standards, with regulatory bodies such as the Financial Services Authority (FSA) drawing upon it as a reference in their own work.
