The overwhelming majority of companies facing IT security incidents were unable to keep information about those incidents confidential due to pressure from third parties.

This ultimately led to major blows to business reputations, according to B2B International, which worked with Kaspersky Lab this year to conduct the Global Corporate IT Security Risks 2013 survey among business representatives around the world.

Public disclosure of information about IT security incidents is often inevitable, something that most organisations can’t avoid.

The study revealed that an average of 44% of companies that suffer a data leakage are forced to disclose the incident to clients who might potentially be affected by the incident, while 34% informed their business partners, 33% informed their suppliers, 27% reported to regulators, and 15% were obliged to disclose details to the media.

Large companies are more frequently faced with having to disclose details about IT security incidents to third parties. These organisations must primarily report to regulators, clients, and the media. The need to disclose this type of information naturally risks causing substantial damage to corporate reputations.

Not infrequently, disclosure is also associated with financial losses in the form of fines imposed by regulators, and compensation for related losses incurred by clients and partners.

Since regulators, contractual obligations to clients and partners, and other factors often do not permit a company to keep information about data leakages confidential, the only real way to avoid damages from the disclosure of this type of information is to prevent an IT security incident from happening in the first place – by building a secure, protected IT infrastructure.