Change is a constant, even so when it comes to Information Technology. What happens then, when the people managing it struggle to keep up with the rapid changes? Security threats and breaches lurk in the corner for those who are complacent. According to ViaWest, 2.5 Quintillion* bytes, equating to 57.5 billion 32GB iPads worth of data were created daily in 2012. Furthermore, 90% of digital data that exists today has been created in the last 2 years. This is obviously only going to rise at breakneck speed in the near future. That said, IT security is never enough, never adequate and breaches can happen to any organization. There has already been over 200 million pieces of data records stolen or lost in the first quarter this year alone, with many more being compromised as we speak.
Employees are often the weakest link when it comes to data security. While it is human to err, most breaches are only possible due to complacency. A survey conducted by Trendmicro revealed that the top 3 causes of are namely the loss of data-bearing device, third-party mishaps and system glitches. Additionally, only 19% of the employees surveyed reported data breaches and hardly anybody reports device loss. Data loss can also occur in a number of ways:
The impact and consequence of a data breach can be disastrous. Ponemon Institute revealed that it would cost organisations an average of $5.4 million should a data breach happen. Organisations stand to lose more than just money and confidential information – trust, investor relations, brand equity, productivity are also on the line.
The security breach of Target Corporation is a great example of such losses. In the biggest breach of 2013, hackers installed a malware to capture customers’ credit card information and transferred them to a private server. The breach did not go unnoticed by Target’s $1.6 million malware detection tool, which alerted Target’s security team in Bangalore about the breach. Bangalore then flagged Target’s security team in America but for some reason, the team in America did not react to the sirens. Target stood by as 40 million credit card numbers, phone numbers and other personal information gushed out of its servers.
The consequences were dire, as $61 million was spent responding to the breach. Furthermore, Target’s brand value dropped by 35 points on the BrandIndex scale, raking up to a reduction of 1 billion in value of its brand. The incident also triggered widespread public anger and lawsuits – more than 90 lawsuits have been filed against Target by customers and banks for negligence and compensatory damages. That’s on top of other costs, which analysts estimate could run into the billions.
As Ponemon Institute puts it, IT security is a necessity rather than a luxury. Information should always be safeguarded and measures put in place to secure it, doing so can save your organisation millions a year, not to mention upholding the brand and building unwavering trust among your customers.
* A Quintillion is one, followed by 18 zeros (1,000,000,000,000,000,000)
Featured image credits: telegraph.co.uk
