Data breaches not only cost companies millions, but they also inflict reputational damage, customer turnover and operational costs. The average cost of a data breach has risen 6.4% to a global average of $3.86 million this year, according to research from the Ponemon Institute.
2018 appears to be the year of regulatory compliance, threatening to hinder all IT initiatives and projects. Whether it’s The Payment Card Industry Data Security Standard (PCI DSS), the banking sector’s PSD2 (Revised Payment Service Directive), NIST for federal agencies or the EU’s boogey-man - Global Data Protection Regulation (GDPR), organizations worldwide are struggling to meet all industry-specific guidelines and recommendations to avoid substantial fines following an incident.
Companies still struggle with ransomware, phishing, data breaches and other attacks that bypass their security and affect their budgets. Enterprises know they are in dire need of technology that will safeguard their infrastructures from known, unknown, and undisclosed vulnerabilities.
Security executives fear cyberattacks will heavily target critical infrastructures in the near future, but they don’t seem to be doing much about enforcing security policies that also cover IoT devices. Despite the major threat they pose, connected devices have so far been overlooked in security policies. It appears that in general, in spite of the increasing awareness of high-profile cyberattacks and threats, enterprises tend to look the other way rather than invest properly in a cybersecurity strategy.
Cloud security has grown into a major issue for enterprises, as only one company in six encrypts all data, according to a Bitdefender survey. While 85% of CISOs fear security flaws in the public cloud, as many as 51 percent of enterprises don’t properly secure their cloud storage services, according to RedLock, leaving their data exposed to hackers.
Businesses cannot come up with a mitigation strategy to efficiently detect, identify and manage insider threats, according to research from the Ponemon Institute, so they risk the loss of critical confidential data and resources, network shutdown and reputational damage. In the past year, 159 organizations from the United States, Canada, Europe, Middle East, Africa, and the Asia-Pacific region dealt with 3,269 security breaches caused by insider threats due to plain negligence.
An increase in cyber threats and a failure to learn from past incidents place the security of data, infrastructure and assets at risk, according to a new threat landscape report.
To anyone who has been paying attention, this isn’t as much of a surprise, as it is a confirmation of the ongoing tenuous condition of enterprise cybersecurity but a just-released survey from specialty insurer Hiscox shows that roughly three-quarters of the 4,100 organizations surveyed face significant shortcomings when it comes to cybersecurity.
Keeping senior leadership abreast of security strengths and vulnerabilities has become a top priority, according to financial sector Chief Information Security Officers (CISOs). And direct communication with the CEO has become imperative, as strong cyber defenses require increasingly rapid decision-making.
Doctors can’t prescribe proper treatment for patients without identifying and analyzing symptoms to make a clinical diagnosis. It’s the same for CISOs, who are responsible for their organization’s digital health.
The deadline for full compliance with the European data protection law is right around the corner, but businesses still lack awareness and must overcome many security oversights. Surprisingly, as few as 38 percent of companies in the UK have actually heard of GDPR, according to a government survey. If businesses are not prepared by May 25, when the law takes full effect, they could face fines worth up to €20 million.
While modern technology makes possible new business models to drive growth and profitability, digital transformation opens your business to more cybersecurity risks, according to a survey by Thales and 451 Research.
