Information Security: Are Data Breaches Becoming the Norm?
Consumers are becoming increasingly blasé about data breaches according to a recent YouGov Brand Index, which polled consumer perceptions following some of the recent mega breaches. Study participants were asked if they had heard positive or negative things about the different brands. Then, the bad responses were subtracted from the good ones to create a ‘buzz score’ for the company.
Most recently, JP Morgan Chase, whose November cyber breach affected 76 million households, had the smallest decrease – its buzz score dropped from 6 to -7.
The 2014 Aftermath of a Mega Data Breach study by Ponemon is further evidence that consumers are starting to perceive data breaches as the norm – 61% of respondents said ‘data breaches affect most companies and I think it’s unavoidable’.
When asked how they responded to notifications of data breach incidents in the past two years, 32% ignored the notification.
Regardless, experts warn businesses that it’s important not to let their data protection guards down. This will only result in even more data breaches and exposed personally identifiable information.
Small and medium businesses with leaner budgets and less formal information security policies may be more at risk of being targeted by identity thieves and other criminals.
The following safeguards are recommended for every organization:
Retain only the personal information that is necessary for your records and operations, advises CIO magazine. Otherwise, partner with a document shredding provider to destroy documents that are not needed.
Create a comprehensive information security policy and a company-wide culture of security.
Develop a Bring Your Own Device policy. A poorly managed BYOD policy combined with irresponsible employee behavior online make companies easy targets for hackers, said a marketing consultant in a recent post about ‘data breach fatigue’.
Schedule on-going employee training that highlights practical solutions and procedures. Protect sensitive data in and outside of the office with a Clean Desk Policy and security-driven best practices.
Bolster network and computer security with secure file transfer, the best encryption software, strong authentication, and other data management and security solutions.
Limit access to confidential information to staff that need the information to do their jobs.
Put an aggressive incident response plan in place. The Ponemon study showed that following a data breach, consumers want identity theft protection (63%), the best credit monitoring services (58%), and compensation (67%).
Implement a document management system including a retention schedule and secure document destruction. Shred-it’s Document Management Solutions Ebook provides a comprehensive guide.
Take this free Security Risk Assessment to help identify areas in your business where a data breach may occur.