Shred’s Annual Report Finds Data Protection Vital to Small Businesses

Nine out of 10 small business leaders are finding it harder than ever to keep their company’s data and information secure.

BANNOCKBURN, Ill., August 23, 2022 /PRNewswire/ — Shred-it, a leading information security service provided by Stericycle, Inc. (Nasdaq: SRCL), today announced the release of its 12th annual Data Protection Report (DPR), revealing key insights and expert perspectives on the ever-evolving information security landscape and the challenges it faces. small business leaders (SBL). The report – titled “The Vital Importance of Data Protection for Small Businesses” – reveals the gaps and opportunities in data protection, education and navigating the regulatory landscape.

According to the Identity Theft Center’s 2021 Annual Data Breach Report, data breaches are at an all-time high, surpassing the previous record set in 2017. Last year, physical breaches —including document theft—accounted for 43% of breached assets. The cost of data breaches is also on the rise with an average cost of more than 4 million dollars, which can cripple a small business as they face potential regulatory action and fines, legal fees and lost customers. This year’s DPR found that the majority (90%) of SBLs feel it is harder than ever to keep their company’s sensitive data and information secure, with two-thirds reporting that they have spent more defense budget this year than ever before.

Small business leaders report remote work (69%), employee turnover (63%) and supply chain vulnerabilities (60%) as the driving factors for data protection challenges and concerns today. Furthermore, over half of SBLs find it difficult to keep up with changing data and information protection regulations and lack the resources to navigate them.

Shred-it releases its 2022 Data Protection Report at a time when small businesses are facing new and greater data protection threats. After a global pandemic accelerated a shift to remote work environments for many organizations, more businesses are now offering permanent or hybrid remote work options. The “Great Reorganization,” a time of high labor demand and low unemployment, led to high employee turnover throughout North America. With an array of new employees working in hybrid and decentralized work environments, there has never been a more important time, especially for small businesses, to prioritize data protection.

“It is abundantly clear that ineffective data protection strategies and patchwork security solutions will not cope with today’s data breaches,” said Cory White, executive vice president and chief commercial officer at Stericycle. “Small business leaders need to understand the potential impact of inadequate data protection, not only to protect their bottom line, but also to protect their reputation with employees and customers. Help them stay vigilant and stay aware of evolving regulations. We are committed to helping companies protect their businesses, relationships and reputations through our data protection solutions.”

Critical business insights from the report include:

Small businesses are leaving physical data vulnerable to potential breaches

  • Although the vast majority (91%) believe that physical and digital data protection are equally important, many SBLs (53%) claim that digital risks are the biggest data protection risk to their business today.
  • Only 27% of SBLs say they collect and destroy sensitive materials when they are no longer needed.

Education is key to data protection efforts

  • Only 58% of SBLs say their companies require all employees to undergo mandatory information security training.
  • Even with that training, SBLs fear their workforce still doesn’t understand data protection best practices (67%) or how to navigate a potential data breach (66%).

Small business leaders need support to navigate the changing regulatory landscape

  • 1 in 4 SBLs do not understand the different types of data and information protection laws and how businesses are subject to compliance.
  • 55% of SBLs believe they do not have adequate resources or support to navigate today’s data and information protection regulations.

“This year’s report sheds light on the many challenges small business owners face in protecting their business, employees and customer data and information,” it said. Michael Borromeo, vice president of data protection for Stericycle. “Physical and digital data protection is critical to a company’s reputation and financial performance. Small business leaders and their employees should maintain a regular schedule of data security training to mitigate the chances of a data breach.” data and to stay informed on consumer privacy laws as they evolve.Partnering with a trusted third party for data protection and compliance can help SBLs navigate an evolving regulatory landscape and feel more confident in their organization’s ability to protect sensitive data and information.”

The full Data Protection Report 2022 provides actionable recommendations for small business leaders to keep their digital and physical data secure, as well as best practices for staying educated about changes in data protection legislation. data to ensure compliance. Access the full report and multimedia assets here.

About the Data Protection Report 2022

Shred-it’s 2022 Data Protection Report is a survey of 510 small business executives (eg, business owners, executives, C-levels, VPs, Director+ levels or equivalent) who work for or own companies with 15 to per 100 employees in the US and Canada in a variety of sectors (eg healthcare, finance, professional services, insurance, real estate, etc.). This research revealed critical information security concerns and challenges with data protection today. The report also investigates perceptions of today’s data protection regulatory landscape and key barriers to compliance, future outlook and demand for external assistance from partners.

About Shred

Shred-it is an information security service provided by Stericycle, Inc. Shred’s leading information destruction solutions ensure the security and integrity of private and confidential information, protecting global, national and local businesses in 14 countries worldwide. For more information, please visit

Media contact:

[email protected]


Leave a Comment

Your email address will not be published. Required fields are marked *