The High Cost of Not Protecting Data

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://midsizeinsider.com/en-us/article/the-high-cost-of-not-protecting-data

The cost involved with data theft is massive, but many midsize IT
professionals do not realize just how large it is. That is why it is
important to investigate more carefully the causes and effects of IT
breaches.

Karsten Strause writes about cybersecurity threats on the horizon in his
article for Forbes. The specifics are frightening. A number of incidents
that prove the importance of securing organizational information occurred
in 2013. The events of the past year should influence midsize IT decision
making going forward.

The Expenses

Understanding the high degree of security required for personal information
is important. Theft of credit card information and personally identifiable
information including personal identification numbers (PINs) can allow a
hacker to make purchases using stolen information. The overall cost of
security breaches is quite high. Potentially even worse is the damage that
can occur to a business's brand as a result of the breach. Midsize
organizations that skimp onsecurity should consider that these types of
unseen expenses can be avoided with the right measures in place.

The Causes

A number of factors come into play in a security breach. Some major issues
arise from procedural matters. Someone must be in charge not only of
putting up security barriers, but also of working to maintain them.
Malicious actors are always on the offensive; therefore, midsize businesses
should be as well.

When no one in a business is responsible for security issues, there is no
one to ensure that preventive measures such as system upgrades are
completed. When there is no one to take charge, there is no one to address
security problems that IT does discover. Midsize IT often has this problem
for want of a go-to person for security matters.

The Takeaways

The cost of data breaches is immense. Midsize IT should scrutinize the
events of 2013 as cautionary tales. Many SMBs still do not attend to the
risks at hand. Vulnerabilities are a major threat to an organization and
should be treated as such. Understanding and evaluating risk is a part of
staying one step ahead of the potential holes through which hackers can
enter.

Midsize IT can learn from the lessons taught by major security breaches.
The harsh reality is that most SMBs are too lax in their security measures.
That is why there is no better time than the present to increase security
and prevent attacks.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.