4 of 10 Mid-Sized Firms Have Had Data Breach: Survey

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.insurancejournal.com/news/national/2015/06/26/373176.htm

Forty-three percent of mid-sized businesses say they have experienced a
data breach in the past three years and 13 percent have had a supplier’s
data breach impact their business information.

Also, according to The Hartford’s survey of midsize business owners and
C-level executives, most midsize business leaders (82 percent) consider a
data breach at least a minor risk to their business. Nearly one-third (32
percent) view it as a major risk.

A majority (53 percent) consider IT security and data protection practices
“very important” when selecting a suppliers.

“All types of businesses have networks and networks can be vulnerable to a
breach,” said Joe Coray, vice president of The Hartford’s Technology & Life
Science Practice. “As we have seen in recent years, a breach involving a
supplier or vendor can impact a business as much as a breach of its own IT
systems. Whether businesses are hosting their data internally or entrusting
it to external business partners, it is important that they validate how
their information is being secured.”

Only 36 percent consider a supplier’s contingency planning and 28 percent
view a supplier’s location relative to their business as very important.

“Given what is at stake in terms of a company’s operations and reputation,
evaluating a prospective supplier or vendor‘s IT security and data
protection protocols against current best practices should be a critical
part of a company’s due diligence process,” said Coray.

The The Hartford’s 2014 Midsize Business Monitor survey was fielded from
September 16-23, 2014. More than 500 owners and C-level executives of
midsize businesses headquartered in the U.S. with annual sales or revenues
of $10 million to $1 billion participated in the online survey, which had a
margin of error of +/- 4.3 percent at the 95 percent confidence level.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!