What percentage of your life is spent online? According to a research report by watchdog Ofcom, an “average adult spends more than 20 hours online a week” – that is around 2.9 hours per day (which also includes time spent online at work). It also points out that the time spent online ‘whilst on the move’ has increased by five times since 2005 from 30 minutes to 2.5 hours per week. Probably enough evidence to suggest is that the Internet has become an integral element of most people’s daily life.
The Internet has multiple benefits – it brings you news from around the world, lets you communicate with your distant friends, relatives or colleagues and even allows you to make business deals happen across the globe. But the Internet also represents a risk as a facilitator/platform for cyber security breaches. No Internet = no security breaches, but who can imagine a world without the Internet, whether it’s in a personal or work context?
Data Protection/Cyber Security regulations exist to ensure the safe handling or exchanging of data regardless of whether the entity in question is an individual or an organisation. We also saw enterprises increasing their security spend year after year to ensure they keep their data and intellectual property safe. Global analyst firm Ovum even predicted that the overall spend on enterprise security is likely to exceed $37bn.
Have you been following the recent data breach scandals?
In 2015, we saw a number of notable organisations succumb to major data breaches that resulted in reputational damage and negative public responses, which of course had an impact on their bottom line. Notable instances within the UK were Talk Talk’s – dubbed the UK’s biggest data breach of 2015 and Carphone Warehouse, which left about 90,000 customer credit cards at risk.
To see a compilation of the World’s Biggest Data Breaches, click here.
An article by TechWorld breaks down the top security breaches by sector for the first half of 2015 – which saw Healthcare & Government organisations topping the list. The majority of organisations which fell victim to a data breach were from the Service sector – service providers who handle large amounts of customer data on a daily basis. With this in mind, it is important for enterprises to consider these 3 critical factors whilst assessing data security measures:
1. How sensitive is the data being handled – is it Regulated/confidential etc.?
2. How is it managed/handled – Are you using enterprise ready systems or tools?
3. Where is it stored – on your premises/private cloud/trusted cloud storage?
Are you at risk of a data breach?
Every security breach story is a lesson for the future – but it is also good to have a checklist to evaluate whether you’re on the right track to ensuring data security in your enterprise. While not an exhaustive or complete list, these are a few common causes of data breaches:
1. Employees using personal [unauthorised] devices or tools for work purposes – also known as Shadow IT
2. Companies not utilising the appropriate technology to get the job done
3. Organisations’ resistance to change or to adapt to the changing technology landscape and still using traditional methods to exchange and store data – which are not particularly compliant to the changing industry standards
4. Lack of enterprise wide training on best practices while handling data online. The Breach Level Index Database shows that 22% of data breaches that occurred in the first half of 2015 was due to ‘Accidental Loss’. You cannot always blame your employees it seems.
5. IT administrators not following the protocol for ensuring data security – which includes not setting rules/restrictions– or being unaware/uneducated on the sensitivity of data being handled internally
6. Departments still using older versions of software –new versions are produced for many reasons, and security is one of them
7. Do you know where all of your data is? Is it stored on your ‘on-premise’ servers or is it secure with a Cloud hosting provider? If it’s neither of the above, then your organisation may be at risk.
A data breach aftermath will takes ages to heal
Last year, the average cost of data breaches in the UK was $4.4m (£3.1m). Data breaches not only causes businesses monetary loss, but has a negative impact on their intangible assets. The ‘healing time’ to rebuild such lost assets could cost competitive position in the market. Any or all of these negative outcomes can occur:
- Losing customer trust = negative ‘word of mouth’
- Damaged brand reputation and value
- Declining market shares
- Losing competitive advantage
- Declining financial performance
- Losing shareholders’ interest and trust in the business
Evolve to stay safe
It is important for organisations to evolve and to match their standards, systems and employee skills with the ever changing technological landscape. Standards and protocols are put in place to aid organisations make the best use of today’s technology to achieve their organisational goals, but most importantly, to stay competitive in their respective markets.
So learn to make use of the Internet – the right way.