Mid-sized businesses in the UK are Europe's worst performers when it comes to managing information risk.

According to recent research from information management firm Iron Mountain and PwC showed that the British are bit rubbish when it came to security. The survey involved 600 senior managers of mid-sized European businesses in the UK, France, Germany, Hungary, the Netherlands and Spain.

The analysts compiled an index based on a set of measures that, if put in place and frequently monitored, would help protect the information held by an organization. Of the six countries included, the UK consistently fared the worst, achieving a score of only 55.08 against a target of 100. While there was no stand-out performer in Europe, Hungary outperformed the other European countries with the highest overall index score of 61.

Christian Toon, head of information risk at Iron Mountain Europe said it was a surprise that the British performed so badly.  It was not as if they were playing football or anything.

"High-profile data breaches receive such widespread media attention in the UK, seriously damaging brand reputation. But the findings reveal that though many British businesses do have a data protection and information risk strategy in place, most fail to monitor its effectiveness," he said.

In Hungary, with its high level of ISO certification, businesses are more likely to have training programs, clear guidance, codes of conduct and employee communication programs in place. Toon said that while some countries performed better than others, the results suggest that there is a problem across the board with the way businesses regard information risk.

"Too few see the risk as a serious threat to their business. Addressing this shortcoming must start from the top. It's time for the Boardroom to start making Corporate Information Responsibility an integral part of their organisation, just as many have done with Corporate Social Responsibility," he said.