Stericycle Releases its 13th Annual Shred-it® Data Protection Report

This week, Stericycle released its 13^th annual Shred-it^® Data Protection Report (DPR) entitled “Vulnerable Small Businesses Risk Losing More than Just Money”—which reveals perceptions of the current regulatory landscape and top barriers to compliance, as well as assesses the demand for assistance from external partners.

According to the Identity Theft Resource Center’s 2022 Annual Data Breach Report, the number of data breaches remains in line with the all-time high set in 2021, and consumers are not oblivious to the stark realities of cybercrime. Eighty-one percent of consumers would stop engaging with a brand online following a data breach, stated a Ping Identity consumer report. Additionally, the cost of data breaches to all businesses is at its highest level ever with an average cost of more than $4.4M globally, more than $5.1M in Canada, and more than $9.4M in the U.S. This financial impact could cripple a small business as they face potential regulatory actions and fines, legal fees, and the loss of customers.  

This year’s DPR found that 1 in 4 of the small business leaders (SBLs) surveyed reportedly experienced a data breach in the past and, of those, 50% said it was caused by employee error. Close to half (45%) of consumers noted that they have experienced at least one data breach. Furthermore, 3 in 4 of the SBLs and almost all (94%) of the individual consumers surveyed said they are concerned about future data breaches. To help avoid future breaches, more than 90% of SBLs believe that data and information protection and compliance training is an essential security practice, but interestingly, only 15% require employees to complete them.

Following years of stress from the global pandemic, small businesses and consumers now face many financial pressures due to inflation, rising prices, and supply chain issues. Running a business is now more costly than ever, and businesses continue to look for ways to save money. The 2023 DPR found that SBLs recognize that information and data security are critical in building and retaining strong relationships with customers. However, many are still at risk of losing customers and related revenue if sensitive physical and digital data protection is compromised. Addressing data protection properly is an essential part of business leaders’ strategic decisions.

Business-critical insights from the report include:

• Vulnerable Small Businesses May Risk Losing Customers to Potential Breaches
  • 73% of the SBLs and 94% of the consumers surveyed are concerned about data breaches in the future. These concerns are even higher among Canadian small business leaders (81%).
  • Only 60% say they are proactive when it comes to data and information protection, and a mere 22% report being ‘extremely proactive’, potentially leaving many small businesses exposed to future issues.
• Training and Education Can Help Mitigate Potential Risks & Ease Anxieties
  • 71% of SBLs surveyed fear that their employees will not know what to do in the event of a breach.
  • However, only 15% of the SBLs surveyed report that they require their employees to take any training and the few who do have mandatory training are not offering it regularly.
  • A majority (63%) of SBLs admit they do not have a reliable source to maintain relevant policies and training.
• An Effective Compliance Strategy Can Benefit From a Strong Third-Party Partnership
  • 76% of the SBLs surveyed worry that regulations will only become more complicated and burdensome for small businesses in the future. These worries are even more pronounced for Canada-based SBLs (87%).
  • 67% of SBLs are overwhelmed at the thought of changing procedures to meet existing regulations.
  • 47% of SBLs do not currently have third-party partners for managing sensitive digital data and information, but more than 90% of those who do use a third-party partner feel their partnerships are deeply valuable.

The full 2023 Data Protection Report provides actionable recommendations for small business leaders to help keep their digital and physical data secure as well as best practices to remain educated about changes in data protection legislation. Access to the full report and multimedia assets can be found here.

To learn more about how our Shred-it^® secure information destruction solutions can help you protect your business, please contact us to get a free quote and security risk assessment.