April 16, 2015
Have you heard about President Obama’s information sharing plan to reduce security breaches? It’s part of a larger proposed strategy to better secure cyberspace.
The plan would increase the exchange of cyber threat information between the private sector and the National Cybersecurity and Communications Integration Center (NCCIC). An agency of Homeland Security, NCCIC would share cyber threat information as quickly as possible with relevant federal agencies and private sector centers.
More sharing this way, said a CBSnews.com report, would lead to better information, faster responses, and the increased ability for companies to see a cyber attack coming.
But would it significantly reduce security breaches?
While there was some positive support by respondents in a recent Passcode Influencers Poll (one supporter said: “Sharing of threats and latest intel is the easiest way to mitigate breaches”), 87% of respondents were not convinced.
“Information sharing allows better and faster band aids but doesn’t address the core problem,” was one comment.
“Information sharing is an important component of cybersecurity but will not reduce security breaches by itself,” was another.
At the same time, there’s no question that something more needs to be done to protect confidential information online.
The amount of information that has been breached is staggering. According to the Privacy Rights Organization Chronology of Data Breaches, more than 816 million records have been breached since 2005.
From businesses’ point-of-view, the 2014 Cost of CyberCrime Study by Ponemon showed that the average cost of cyber crime per company has increased 95% in the last four years. The annual number of successful attacks per company increased 144%.
Furthermore, the 2014 U.S. State of Cybercrime Survey by PWC showed an average of 135 security incidents in 2013 per organization. Two-thirds of companies that detected a security incident were not able to estimate the financial costs. For those who could, the average annual loss was approximately $415,000.
While new cyber threat strategies such as Obama’s information sharing plan gain steam, businesses are encouraged to follow cybersecurity best practices.
Find out how big the penalties can be when a company doesn’t comply with privacy laws.