Businesses, as well as users, are at risk of data breaches. To achieve identity theft or launch spear phishing campaigns, cyber-criminals target businesses, companies and even governments that are dealing with large amounts of precious and critical personal information.
Hardly a week goes by without the report of a new massive data breach, impacting thousands of customers that, as a result of the hack, are now at risk of being phished or receiving harmful software (like Malware or banking Trojans) in an email. Data breaches that are aimed at stealing customers’ private information are skyrocketing, so businesses should be aware that they are at risk – they should organise today, to protect their consumers tomorrow.
Hackers don't just use one method to successfully carry out data breaches - this would be much easier to protect businesses against. Cyber-criminals are in fact very smart and tech savvy, and make the most of many different ways to breach a company’s security systems. Their main objective is to go un-noticed by their victim, in order to steal as much critical data as possible before being detected.
Statistics: Just the Tip of The Iceberg
Half 1 of 2016 Data Breach statistics*:
- 974 data breaches were publicly disclosed in the first half of 2016
- 554 million data records stolen or lost
- 04 million records compromised every day
- 126,936 records compromised every hour
- 2,116 records compromised every minute
- 35 records compromised every second
H1 2016 represents a 31% increase from H2 2015: successful data breaches will continue, and 2017 will more than likely be another record-year for the number of compromised businesses.
Why is this “the tip of the iceberg”? The statistics above represent the best-case scenario, simply because a lot of infiltrated businesses may not know yet that they have been breached.
Research indicates that around 80% of cyber-crimes go unreported (to officials and/or the public). There are several reasons for this:
- The business might not be aware that it has been breached
- The business doesn’t know exactly how many data records were stolen or impacted
- The business might not want to publicly disclose that a breach occurred, to avoid embarrassment for their employees who fell victim to the hacker
- The business might withhold from reporting a breach due to a legitimate fear of the repercussions this bad news will have on their customer base
How Can Businesses Protect Themselves, And Their Customers?
FraudWatch International’s experts recommend that businesses:
- Ensure all employees are familiar with secure online practices and know where to escalate any urgent issues to the correct and relevant departments. User education is key!
- Ensure that the above incident response plan is updated frequently, all staff members’ roles and responsibilities should be clearly defined and frequent testing should also be performed
- Ensure that security is up-to-date on all servers and PC’s. By installing the latest updates and patches, organisations give themselves the best chance of ensuring that these cannot become compromised
- Create a culture of security that starts from the top – if management welcomes honesty, integrity, security and ethics, then employees are more likely to get on board. Cybersecurity is a team effort!
Cyber-criminals are always going to up the ante when it comes to making attempts to steal the valuable customer data businesses store on their servers. Business owners need to make sure they stay one step ahead at all times and protect their most valuable asset – their customers.