Great security technology is expensive—but not nearly as pricey as the costs of non-compliance or a security breach. Gartner recently predicted that information security spending would become an $81.6 billion industry in 2016.
Are your passwords an open invitation to cybercriminals? Even if you believe your organization has adequate access management policies in place, you may be surprised at the weak, default, and repeated passwords lurking in places throughout your company's network.
In the past year, 77% of data breaches involved an insider, according to Verizon.
From disgruntled employees committing sabotage to innocent mistakes, humans are one of your organization's greatest information security risks. In fact, a shocking number of high-profile data breaches in recent years have occurred because of employee behaviors.
While it's crucial for information security pros to understand human vulnerabilities, the root cause of a data breach isn't always as simple as human action. In many cases, a combination of technical, policy, and human failures contributes to an incident involving data loss.
Over the past two years, data breaches have cost the U.S. healthcare industry over $6.2 billion, according to the Ponemon Institute's Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data. Currently, the health industry is among cybercriminals' favorite targets.
The Ponemon report quantified the biggest categories of risk as follows, with survey respondents allowed to select more than one answer:
- Distributed denial of service (DDoS) - 48%
- Ransomware - 44%
- Malware - 41%
- Phishing - 32%
- Advanced Persistent Threats - 16%
- Rogue Software - 11%
- Password Attacks - 8%
In any given month, thousands of organizations worldwide may suffer a data breach.
A study sponsored by the UK government estimates 65% of large organizations are affected in any given year and 25% of large businesses are targeted at least once per month. Not every data breach hits the news, but the organizations that attract media attention following an incident can offer invaluable lessons for the rest of us.
A decade ago, many organizations might not have considered a data breach as something to cause worry. Now, the potential compromise of sensitive data is considered a consistent cost of doing business.
The 2016 Cost of Data Breach Report by Ponemon Institute and IBM Security clearly revealed that a data breach is a permanent risk for organizations of all sizes and industry backgrounds. The report further estimated the average cost paid for each stolen record containing confidential information is $158.
Are retail data breaches a thing of the past? Hardly. In fact, PricewaterhouseCoopers' (PwC) Global State of Information Security® Survey research indicates criminal attacks on retail organizations grew 154% in the past year alone. Attacks are not only becoming more common: the same PwC survey results indicate they have a 72% greater impact than they did in 2015.
Do you know what's on your employees' mobile devices? CyberEdge researchers believe mobile applications are the greatest risk to your company's network. In a 2015 assessment, Veracode found an average of 2,000-plus malicious apps on network mobile devices. The solution isn't necessarily a broad-based ban on personal app usage in the workplace. Rather, it's time for security pros to double down on endpoint security.