Every day brings another dire headline about a cyberattack, data breach or computer virus. This year alone we have witnessed high-profile data breaches at Target, Neiman Marcus and eBay (News - Alert). With the onset of the Heartbleed bug, cybersecurity has infiltrated mainstream parlance in a way we have never seen before.
Against this backdrop, Americans have a heightened sense of anxiety about who can access their personal and financial information online, and as more and more of our personal information is stored into online databases involuntarily or without expressed permission – whether storing online banking PINs or saving credit card numbers into retail sites – it begs the case for some spike in concern over online privacy and security. As shown by the resignation of Target’s (News - Alert) CEO, breaches have a long-term impact on business financially and on brand reputation.
Results of the 2014 Unisys U.S. Security Index, which measures the level of concern over a range of security risks each year, showed that credit and debit card fraud topped American’s security concerns this year. Fifty-nine percent of Americans reported being seriously concerned about others obtaining and using their credit card details, up from 52 percent in 2013. When asked specifically about whether they would drop their bank or retailer following a data breach, nearly 60 percent said they would be less likely to do business with them after a security breach.
This staggering percentage makes it all the more crucial for enterprises to proactively secure infrastructure by isolating their most critical data and limiting access to those resources, especially since few consumers take their online privacy into their own hands. Businesses should review and enhance existing security measures on a continuous basis to gain continued visibility into security gaps, shield against evolving cyber and physical threats and ensure business objectives are met within the enterprise’s security, compliance and governance framework.
No organization, large or small, is immune to malicious attacks, and a status quo approach to security is ineffective against advanced persistent threats. To build a tightly-integrated security strategy, businesses should:
Businesses that ignore the risk of data breaches do so at their own peril, as security threats against enterprises grow in size, scope and sophistication and consumers grow warier of the brands that can’t fight them off.
About the Author: Dave has more than 30 years of global experience in the IT industry including information security, infrastructure engineering, business alignment, tactical execution and strategic planning. He is a known thought leader and practitioner in the information security industry.