by Michael Champion, Management Consultant, BRG mchampion@thinkbrg
It is just under a month and a half into 2016, and we already have over 60 confirmed data breaches exposing over 1.4 million personal information records. And this is only considering personal information leaks, not breaches in which the target is intellectual property. It is no longer the mind-set of companies to think ‘Have we been breached?’ but rather ‘When were we breached, and did we catch it and resolve it?’ So now is it time for organisations to become aware of their own security?
If these were outbreaks of disease, a state of emergency would have been called. And yet, often organisations continue the course and at a later date are left wondering why they were hacked. Of course, one could take the route of one technology firm which stated within their terms of agreement for usage of services:
“YOU ACKNOWLEDGE AND AGREE THAT ANY INFORMATION YOU SEND OR RECEIVE DURING YOUR USE OF THE SITE MAY NOT BE SECURE AND MAY BE INTERCEPTED OR LATER ACQUIRED BY UNAUTHORISED PARTIES”
… but then the firm lost the records of over six million children’s accounts and linked parental accounts. Legalities aside, is this how a company wants to be remembered? Or is now the time when organisations need to take the reins and act responsibly on their security?
Berkeley Research Group has launched a new study intended to start this dialogue with organisations. The Cyber Security Preparedness Benchmark Study is a globally launched survey that aims to gather volunteered anonymous data on organisations’ preparedness from executives or board members. At the end of the study, for those organisations that have participated, a free personalised report including where their organisation stacks up against international peers will be provided (if they desire).
Click the link here to participate.
 2016 Breach List, Identity Theft Resource Center. Available at: http://www.idtheftcenter.org/images/breach/ITRCBreachStatsReportSummary2016.pdf