Senior management jobs at risk over data security failures

shutterstock_103215932

A Chief Executive, (who had been in that role for the past 17 years) and Finance Director have been dismissed after their company lost £31 million in an email scam. This news, when it emerged, caused the company’s shares to suffer a 17% drop in value, wiped out its profits for the year and resulted in a net loss of £17.5 million.

They weren’t the first (and no doubt won’t be the last) to pay with their jobs for such failures. In December 2015 it was reported that the Finance Director of one of New Zealand’s largest learning institutions has left her job after falling for a very similar scam and sent $118,000 to what turned out to be an offshore bank account.

BEWARE OF APPROACHING ‘WHALES’

This scam, commonly called a ‘whaling attack’, (also known C-level fraud) involves targeting high-level executives with forged emails that appear to come from a trusted colleague and ask for an urgent money transfer to be made.

WHAT WORKERS THINK

Interestingly (and co-incidentally), another recent survey revealed that 29% of employees believe that the CEO of their organisation should be held responsible for a significant data breach.

NOT ONLY A TECH ISSUE

Data security isn’t only about having ‘good IT’. It’s also about having organisational measures in place, training and, above all, a ‘culture’ of data security. Doing this will mean that the decisions and behaviours of all members of staff will go a long way to reducing the risk of a data security breach.

This is especially critical for those working in finance/payroll, and HR departments, as most email scams target these departments. It’s also very important for executives, as they are usually the ones who authorise the payments. And perhaps lose their jobs.

HOW DATAHELP CAN HELP

DataHelp helps organisations to comply with data protection law and good practice, understand and manage the risks associated with failing to do so and prepare for the new EU General Data Protection Regulation (GDPR) that will come into force on 25 May 2018

DISCLAIMER

This article is intended for informational purposes only and should not be relied upon as legal advice.

To contact us call 07902 395989 or use our contact form

Leave a Reply

Your email address will not be published. Required fields are marked *

*