Here's a fun thought experiment, try and imagine one area of your business today that does not involve technology in some way. It seems like even making coffee these days involves a computer of some kind. With so much reliance on technology, it's incredibly important to put security measures in place so business functions are not disrupted.
For some many businesses cybersecurity is, simply put, outdated. Meanwhile, hackers are adapting to the quickly evolving innovations of technology at increasing speeds from year to year. The result is increased threat of critical data beaches
If You’re Not Building or Breaking Technology, You’re Playing with a Handicap
The reality for most people interacting with technology, which is most people, is that before they can begin to protect themselves and their information from being exposed or breached, they need to understand how that is occurring. This learning curve automatically places the body politic at a disadvantage; a disadvantage that is shared by their governing agencies and the companies that have possession of their information.
Obviously, a huge disadvantage that the public faces is a result of the consequences incurred when data is breached form a company. Any data breached - particularly personal information - from a company that deals with the public, threatens the trust they have with their clients, and ultimately their success. If major companies can get away with not sacrificing that trust and success, they are likely to deal with any cybersecurity issues as discretely as possible, leaving the percentage of people who have experienced a data breach even higher than those that report having experienced a data breach.
This leaves the average citizen uninformed, and perhaps feeling hopeless against the threats of cybersecurity. But with a growing dependence on technology by businesses, people need reassurance that they can continue to trust companies that house their sensitive information. These reassurances come through depending on the strength of cybersecurity laws and the expectation that the companies they interact with are following through with promises of confidentiality and network security.
Data Breaches are the Tortoise AND the Hare
If the evolution of technology sponsored a race, it would be between data breaches/hackers and cybersecurity, and depending on who you ask, you might perceive that hackers are winning. Not only are they evolving with technology, but their movements are often unnoticed until they cross the finish line. Businesses with little or outdated cybersecurity measures, on the other hand, trail behind, getting bogged down by processes and plagued by a primitive body.
For over ten years, states have been attempting to act on behalf of the population in regards to cybersecurity and the public’s personal information. As Jeff Kosseff describes in the Wall Street Journal:
“Since 2002, states began requiring companies to notify customers and regulators if certain types of personal information are exposed. Forty-seven states and the District of Columbia have such notification laws.”
Although a positive step for the population that has been so far uninformed about data breaches, such laws are often buried in policy and regulation, and vary from state to state. If a company does experience some kind of data leak, they must research the proper procedures to remain within the law. Some information breached may require total public notification, while other information may not require any notification. Being inundated by these policies and procedures detracts from working on other healing measures of the data breach.
Secondly, these types of laws are notifying customers of breaches after the damage has been done, again falling behind in the race against continually progressing technologies and abilities of hackers. Rather than creating preventative policy, cybersecurity is stuck in dealing with the aftereffects.
What is Effective Cybersecurity
It’s no surprise that with outdated cybersecurity standards being the only standards enforced, data breaches are happening more frequently and with a greater spread of influence. Siting a recent survey of executives by the Ponemon Institute, Kossef informs that 43% of 567 executives reported experiencing a data breach in 2014, up from 33% the previous year. Even if these rates begin to plateau, they would indicate that data breaches are effecting nearly 50% of companies, and “in the modern era of daily data breaches that involve millions of customers, all Americans should assume that their personal information was exposed, and should regularly monitor their credit reports.”
These numbers add to the fear that comes from the conflict of depending on a technology that one does not understand, and should lead all individuals to scrutinize the network security policies of the companies that they do business with. Similarly, it should lead all companies to invest more time and money into building a stronger defense against data breaches so that they do not become hindered by the out-of-date regulations of cybersecurity.
Companies should invest in constant, 24/7 network monitoring by a trusted IT team to watch the health and performance of your network, data, and software. At any time, a company should be able to have access into the details of the status of their security and network performance. It is only with defenses and access such as these that a company can use network security efficiently and begin to catch up to the speed at which data breaches are occurring.