According to frequent headlines in the press, cybersecurity is an issue that has seized the attention of corporate boards and the executives who report to them. The reality is probably more nuanced. Although the largest companies in some sectors are engaged in extensive risk management efforts, the broader business community in the middle market remains at best uneven in its response, says Matthew F. Prewitt, partner with law firm Schiff Hardin in Chicago, chair of Schiff Hardin’s data security and privacy team and co-chair of the trade secrets and employee mobility team.
The character Don Quixote became legendary tilting at imaginary giants that were ultimately just windmills dotting an expansive countryside. His cause was noble, but his efforts were fruitless and completely misguided.
Fortune 1000 companies are emphasizing new privacy initiatives this year, increasing annual privacy budgets to $3 billion in 2015. According to Linda McReynolds, a senior attorney at Marashlian & Donahue, LLC, the CommLaw Group, enterprises can be better positioned to weather unintended data breach emergencies by following these five tips.
For data security, 2015 is predicted to be as bad or worse as 2014, as more sensitive and confidential information and transactions are moved to the digital space and become vulnerable to attack, according to The Ponemon Institute’s study 2014: A Year of Mega Breaches.
The number of data breaches tracked in 2014 hit a record high of 783, according to a report from the Identity Theft Resource Center, sponsored by IDT911. This represents a 27.5-percent increase over the number of breaches reported in 2013, and an increase of 18.3 percent over the previous high of 662 breaches tracked in 2010.
I recently interviewed Marc Goodman, founder of the Future Crimes Institute and author of the recently published book “Future Crimes: Everything is Connected, Everyone is Vulnerable, and What We Can Do About It.” In his book, Goodman sets forth with great precision the frightening extent to which current and emerging technologies are harming national and corporate security, putting people’s lives at risk, eroding privacy, and even altering our perceptions of reality.
In 2009, Heartland Payment Systems announced that it had suffered a devastating breach: 134 million credit cards were exposed through SQL Injection attacks used to install spyware on Heartland’s data systems. The company processes payments for debit, prepaid and credit cards, in addition to online payments and checks and payroll services.
Frankly, it’s costing U.S. businesses more than other nations’ enterprises worldwide, according to data collected in the 2014 Cost of Cyber Crime Study: United Statesfrom the Ponemon Institute and HP Enterprise Security. The mean cost of cyber crime for a company in the U.S. last year was $12.7 million per year; other countries’ enterprises mean costs ranged from Germany’s $8.13 million to Russia’s mere $3.33 million. The study observes a $1.1 million (or 9.3 percent) increase in cyber crime costs for the U.S. from last year’s report.
Consumers want more digital capabilities from their commercial banks – 70 percent of commercial banking customers use online or mobile banking each week, but they are looking for more.
THE MAJORITY OF U.S. CONSUMERS (94 PERCENT) have heard or read about major retailer data breaches in the past year, and three-quarters say retailer data breaches have increased their level of concern about personal data privacy, and 61 percent characterize their data management as “Take-Charge” instead of Reactive (26 percent) or Passive (11 percent), but despite these reservations, consumers are changing very little about their key shopping habits.