Following Target's data breach, in which the financial and personal data of 40 million Americans was leaked online, cyber security has been the focal point of businesses everywhere - or so we've been told. A report by the Economist Intelligence Unit, however, reveals that only 17 percent of businesses are fully prepared to prevent or combat a digital breach.
This information is particularly evident when considering another recent - and record-breaking - security breach. In February 2014, a number of incidents resulted in the theft of 360 million personal records; those stolen records then went up for sale in the virtual black market. One theft in particular consisted of 105 million records, which is likely the largest internet-related security breach in history. Furthermore, this data does not include the 1.25 billion e-mail addresses also available in this marketplace. Even more alarming is that the businesses and organizations from which this information was taken may be entirely unaware of the incidents, although it is also possible that they are unwilling to disclose details about the thefts. No entity is safe, either - social media, financial institutions, dating sites, and job search engines are all at risk.
These breaches can be more damaging than the theft of credit card information, because they include active user names and passwords. With this sort of information - which is often not encrypted - access is wide open to health records, business networks, tax information, and financial account information. And when consumers use the same user names and passwords for multiple accounts? It may make their lives easier, but it makes the work of hackers easier as well.
It does appear, however, that firms that have already been affected by security violations are taking things seriously. They are twice as likely as their unaffected counterparts to have intact safety with a third-part entity. Furthermore, it is expected that firms with a security-response protocol in place will rise to 80 percent within the next few years.
Factors Affecting Businesses
must be alert and prepared to manage the ramifications of potential threats - and there are quite a few.
- Bring Your Own Device (BYOD) policies are gaining popularity within workplaces. While there are a multitude of benefits to BYOD, significant risks include employee misuse of devices and company information, unreliable and inefficient applications, and minimal enforcement - or nonexistence - of policies and procedures.
- The cloud is another virtual entity that has proven both beneficial and risky to businesses. Positive outcomes of utilizing the cloud can only be enjoyed, however, if there is sufficient data protection and assurance that personally identifiable information is strictly safeguarded. Businesses that fail to do so are penalized.
- After Target disclosed its security breach during the holiday season - a time when sales increase dramatically - the chain suffered a significant business slump. It can be concluded, then, that data thefts have multi-layered effects. Consumers are robbed of their personal information; businesses must then contend with wary customers, which may then contribute to the hesitance by entities to report said breaches.
- When businesses become victims of data theft crimes, their partners are affected as well. When Target was robbed, its partners were then forced to deal with their own security concerns. These are no small-name partners, either - Visa and MasterCard were among them.
- Aside from formal repercussions and system malfunctions, businesses that fail to effectively respond to threats will inevitably face dents in their reputations. Disgruntled customers whose records have been lost, for instance, will most certainly share their frustrations with others. Customer reviews and social media sharing are far-reaching, and negative reviews or comments on social media can compound the losses caused by the security malfunctions themselves.
To avoid such catastrophic consequences, responsible businesses are protecting themselves by investing from the root of every website; it's server. Third-party web hosting providers generally offer IT services, and the industry is evolving as the need for increased security for their clients grows. Professional web hosts can ensure that business-class software is in place and up-to-date.
More web hosts, in an effort to protect not only their clients but also their own infrastructure, are beginning to implement software that automatically detects and removes malware. iPage
, for example, searches for malware on a daily basis and immediately removes threats using its SiteLock Premium
In the wake of major headlines involving data breaches, it's more important than ever to ensure top-notch security. But saving face among a national media audience isn't the only incentive to do so; search engine algorithms are quickly detecting and de-indexing sites with malware. So, losing visibility with search engines is a major concern that will continue to increase the priority of server security initiatives for webmasters and IT admins in corporations over the next few years.
April 3, 2014
Jayson DeMers is the founder & CEO of AudienceBloom, a Seattle-based content marketing & social media agency. You can contact him on LinkedIn, Google+, or Twitter.