Shred-it Annual Data Protection Report Deems Investment in Data and Information Security "No Longer Optional"

Rhea-AI Summary

Shred-it, part of Stericycle (SRCL), has published its 11th annual Data Protection Report, highlighting the heightened risks related to data security. Conducted amidst the COVID-19 pandemic, the report indicates that 25% of North American businesses anticipate a data breach within the year. It reveals that 50% of business leaders lack an incident response plan. The report underscores the need for robust data protection measures due to increasing regulations and the potential for both reputational and financial damage from breaches.

Positive

• The report emphasizes actionable recommendations for improving data security, potentially leading to better client retention and trust.
• Increased awareness of data protection risks can drive demand for Shred-it's services, positively impacting revenue.

Negative

• 25% of North American businesses anticipate a data breach within the next year, indicating a challenging security environment.
• Over 50% of business leaders lack an incident response plan, which may lead to significant financial repercussions in the event of a breach.

BANNOCKBURN, Ill., Oct. 25, 2021 /PRNewswire/ -- Shred-it, a leading information security service provided by Stericycle, Inc. (Nasdaq: SRCL), today announced the release of its 11th annual Data Protection Report (DPR), revealing key insights and expert perspectives on the ever-evolving information security landscape. Conducted during the COVID-19 pandemic and featuring responses from consumers and C-level executives as well as small and medium business owners (SMBs), the report—titled "No Longer Optional: Invest in Data and Information Security Now or Pay Later"—reveals gaps and opportunities for both physical and digital data protection.

According to the 2020 Year End Report by Risk Based Security, in 2020 more than 37 billion records were exposed to thousands globally— a 141% increase compared to 2019. And this year's Data Protection Report confirmed that the industry is feeling that risk as one in four North American businesses fear that an attempted data breach is very likely for their company in the next 12 months. As well, approximately four out of 10 business leaders rate the risk of an attempted data breach in the next 12 months as a 'four' or 'five' on a five-point risk scale, with 'five' being the highest risk. And they likely are not prepared as more than 50% of business leaders do not have an incident response plan, making responding quickly to a data breach a challenge.

Data protection laws have evolved over the past 10 years to better protect consumer data and encourage businesses to take action to protect their confidential information. Several states, such as California, Colorado and Virginia, have recently adopted privacy laws with many other states working on comprehensive consumer privacy bills. In addition, Canada has already enacted the Personal Information Protection and Electronic Documents Act.

"It is clear that threats to information security will continue to grow, evolve and have serious impacts on businesses of all sizes from a regulatory compliance, reputational and financial perspective," said Cory White, executive vice president and chief commercial officer at Stericycle. "But the good news is that there is a lot that businesses can do about it. Companies that are active and vigilant in their data protection can help safeguard their confidential information, which impacts the health and well-being of their bottom line and their brand. We are proud of our long tenure in helping companies do just that through our secure information destruction services."

Business-critical insights from the report include:

With Increasing Regulations and Financial Risk, the Impact of Data Breaches Is Too Large to Ignore

• Among North American leaders, executive resignation or termination (U.S. 62%, Canada 54%) and legal issues (U.S. 40%, Canada 54%) were the most cited consequences of data breaches among large businesses.
• In addition, large businesses in Canada were more likely (42%) to cite damage to their reputation and credibility, as compared to their U.S. counterparts (27%).

Consumers Are Concerned about Data Security and Likely to Act if Theirs Is Compromised

• Consumers continue to take their personal information security very seriously, with most (U.S. 88% and Canada 90%) indicating the level of importance as "extremely high."
• Consumers will take action if their data is compromised, with over 80% deciding who to do business with based on a company's data security reputation.

Insider Threats Continue to Loom

• While malicious outsiders (55%) are sources of data breaches, in many cases, 'trusted' insiders—external partners (40%) and employee error (22%)—are as likely to have been the cause.
• Remote work will continue to impact security threats. Sixty-three percent of employees surveyed that work off-site regularly print work documents, and one in four of them simply dispose of their work documents in the recycling or trash.

"The results of this year's report speak to the multifaceted security concerns that the pandemic has brought to the forefront for businesses across North America," said Michael Borromeo, vice president of data protection for Stericycle. "Physical and digital data protection is essential to a company's reputation and financial performance. Business leaders would do well to stay informed on consumer privacy laws as they evolve, know their data inside and out, and proactively prepare to protect it. With the right considerations, retaining consumer, stakeholder and employee trust is possible with holistic data protection measures."

The full 2021 Data Protection Report provides actionable recommendations for business leaders to keep their data secure as well as an in-depth review of industry-specific practices throughout the healthcare, finance, professional services, insurance and real estate industries. Access the full report and multimedia assets here.

About the 2021 Data Protection Report
Shred-it's Data Protection Report is an annual survey of c-level executives, small and medium business owners, and the public across the U.S. and Canada to uncover valuable insights on data breaches and consumer perspectives and behaviors on information security. Exposing risk and highlighting opportunity for improvement, the DPR sheds light on trends in data protection strategies and practices and the consequences businesses may face in the event of a data breach. Based on the key insights, this original research delivers straightforward, practical recommendations for business leaders on the front lines of the battle to keep their data secure.

About Shred-it
Shred-it is an information security service provided by Stericycle, Inc. Shred-it's leading information destruction solutions ensure the security and integrity of private and confidential information, protecting global, national and local businesses across 14 countries worldwide. For more information, please visit www.shredit.com.

Media Contacts:
Media Relations
Stericycle, Inc.
media@stericycle.com

View original content to download multimedia:https://www.prnewswire.com/news-releases/shred-it-annual-data-protection-report-deems-investment-in-data-and-information-security-no-longer-optional-301407084.html

SOURCE Shred-it

FAQ

What is the main finding of Stericycle's 2021 Data Protection Report?

The report highlights that 25% of North American businesses expect a data breach in the next year, stressing the need for improved data security measures.

How has the COVID-19 pandemic affected data security concerns according to the report?

The pandemic has heightened awareness of data security risks, with many businesses reporting increased anxiety about potential breaches.

What percentage of business leaders do not have an incident response plan?

More than 50% of business leaders lack an incident response plan, making it challenging to respond effectively to data breaches.

What are the potential consequences of a data breach as reported by Stericycle?

Consequences include executive resignations or terminations, legal issues, and reputational damage, affecting both U.S. and Canadian businesses.

How does the report suggest improving data security for businesses?

The report offers actionable recommendations for businesses to enhance their data protection strategies and comply with evolving regulations.