In the U.S., you’re more likely to experience a cyber attack or data breach than the flu
Did you know that your business is more likely to experience a data breach or cyber attack than you are to get the flu? According to WebMD, nine to 30 million people (2.75-9.17% of the United States’ population of 327 million) get the flu each year. Compare this to:
- 67% of businesses report being victims of cyber attacks and 58% report experiencing data breaches over the past 12 months.
- 75% of Americans whose financial records were exposed in the Experian data breach in 2017.
- 83% of respondents from ProofPoint’s 2019 State of the Phish Report who said they experienced phishing attacks in 2018.
- Almost 400 million user accounts that were exposed in the Marriott data breach at the end of 2018.
We’re not suggesting that this means you should ignore your doctor’s recommendation of getting a flu shot this year. However, you should also be concerned about virtual threats that could affect the health of your business. Let’s take a closer look at the risks, costs, and concerns associated with cyber security attacks and data breaches a little more in depth.
Let’s hash it out.
U.S. to Become the Biggest Target of Cyber Attacks by 2023
We really shouldn’t be surprised by this kind of information considering that U.S. small businesses are often the targets of many data breaches each year (43%, according to SCORE). In fact, Juniper Research anticipates that U.S. organizations and businesses of all sizes will be the targets of 55% of all cyber attacks each year by 2023.
In its recent report Grand Theft Data II — The Drivers and Shifting State of Data Breaches report, which was comprised of commercial and enterprise businesses in Asia Pacific (21%), North America (35%), and Europe (43%), McAfee reveals:
“A majority of IT professionals have experienced at least one data breach during their careers—61% at their current company and 48% at a previous company. On average, they have dealt with six breaches over the course of their professional lives.”
Cost of Cyber Security Incidents and Data Breaches
According to a recent report from Cybersecurity Ventures and the Herjavec Group, “cybercrime will cost the world in excess of $6 trillion annually by 2021.” The costs of cyber attacks on individual businesses, according to an Accenture study, average $13 million per year. This amount can easily surpass the budgets of small to midsize businesses (SMBs) and force them to close their doors. This is particularly the case of businesses that neglect to invest in cyber security liability insurance.
If that in and of itself isn’t enough to make you reach for an antacid, this may do so: The costs of cyber security breaches extend beyond strictly financial concerns — particularly for those whose data breaches result in the exposure of customers’ personal information. This type of information has a virtually evergreen lifespan. Unlike credit card numbers and employee login information, which need to be used or sold immediately to have value before someone has time to change their account information, personally identifiable information (PII) is a long-term play for cyber thieves. This means that the lingering effects of a data breach may still be felt by your customers (and your brand image) several years after the initial incident took place.
According to Frank Abagnale, a former con man who became a consultant for the FBI, during an interview for Cybercrime Magazine:
“People who steal mass data warehouse that data typically for three to four years. So, if I break into a Target or a Home Depot and steal credit cards and debit cards, I need to get rid of that immediately. It has a very short shelf life. But if I steal your name, your social security number, your date of birth — you can’t change your name, you can’t change your social security number, you can’t change your date of birth. So, obviously, the longer I hold it, the more valuable it becomes.”
What You Can Do to Protect the “Health” of Your Company and Safety of Customer Data
The CDC recommends that everyone six months of age or older get a flu vaccination each year (with the exception of those who have specific allergies or medical conditions). They also recommend eating healthy, drinking lots of water, and getting plenty of sleep to help keep your immune system in peak condition. This same concept applies to your cyber security defenses and how they help protect the overall well-being of your business.
Much like getting a flu shot, there are things you can do to help toughen your cyber defenses and increase your cyber resilience. Large and small businesses alike can regularly check the “temperature” of your cyber security initiatives through a variety of methods, including:
- Regularly monitoring your traffic, access, and server logs;
- Regularly updating and patching your software and hardware assets;
- Managing digital security certificates and keys; and
- Assessing and testing your systems and employee knowledge through regular training and testing.
Ultimately, the goal is to minimize the risks to your business and customers from experiencing a cyber security attack or breach and to aid in speeding up your business’s recovery after a breach.
Much like keeping your employees healthy should be a major priority, keeping your company’s sensitive data and customer information secure should also always be a top concern for every business. All it takes is one employee opening a phishing email or clicking on the wrong link to land your company in hot water. Without adequate protections and response plans in place, once a hacker gains access to one system, their access spreads like a virus through the others and may cause irreparable damage.
Ask yourself: Are you taking every precaution to ensure your business stays healthy in 2019?
As always, leave your comments and questions below…