Data Breaches & Education Are Increasing
The Ponemon Institute, headquartered in Traverse City, Michigan, recently released their data breach survey which surveyed over 500 executives in the United States about how they think their company would respond to a breach. Last year when they completed this survey, about 61 percent of companies said they had data breach response plans in place for such an event. This year that percentage has increased to 73 percent.
While this is good, breaches are also happening more frequently, 33 percent of companies surveyed in 2013 said their company experienced a breach, this year it increased to 43 percent. That is a big number for one year’s worth of growth. The 2013 study said that 52 percent experienced more than one breach in two years, that number is now up to 60 percent.
One statistic that we are very happy to see is the number of companies that have increased their data protection awareness and employee education programs. These programs are very important for companies because they deal with employee mistakes and human error as it relates to breaches(employees are the leading cause of data breaches). This year 54 percent of companies have these programs, up from 44 percent last year.
Okay, so we’ve given you a bunch of numbers and that’s all fine and good, what on earth does it all mean? First off it shows that more companies are starting to get on board with the idea that cyber security is important. Notoriously, executives are unlikely to want to be involved in all of the “techie” stuff because they don’t understand it and/or they don’t want to understand it. This is a problem. If your executives do not understand what your job is and how that impacts how the rest of the company operates, we have a problem. If you are like more modern day businesses, the majority of what you do is on a computer, be it accounting, graphic design, retail purchases,whatever it may be, odds are you use computers to get it done and we know that everyone gets rather annoyed when computers don’t work.
Now what happens when those computers cease to be secure and data gets breached? Most often you get slapped with a class action lawsuit for failing to protect your clients/customers data, and unless you have really good lawyers, you will not win. Which means you could have to pay out thousands,maybe millions in legal fees and settlements. The 2014 Cost of Data Breach Study, which was sponsored by IBM, the average cost of a data breach to a company was $3.5 million in US dollars and 15 percent more than what it cost the previous year. If you do your due diligence and attempt (we can only attempt after all) to secure your data, your expenses will be in the thousands. However,compared with millions that is a small price to pay.
Breaches happen, sometimes we can take all the precautions in world and still have a breach. But, there are steps you can take to secure data. If you take those steps and are putting forth the effort, your likelihood of being on the losing side of a lawsuit decreases dramatically.
ABOUT THE AUTHOR: Scott Greene of Evidence Solutions, Inc.
For over 30 years, Scott Greene of Evidence Solutions, Inc. has been helping companies meet the challenges of the swiftly evolving computer technology industry. Scott went to work for IBM. Scott studied Systems Engineering at the University of Arizona. He has since earned certifications in many products and programming languages.
The Evidence Solutions team analyzes data from Computers, Cell Phones, Black Boxes, Dispatch Systems, Medical Records, Email systems and more. Scott then explains the digital evidence in plain English.
Scott’s extensive knowledge draws clients to him from all over the United States as well as Internationally for consulting, Forensics and expert witness services. His extensive and diverse experience allows him to be an expert in many facets of digital and electronic evidence. Scott, a sought after speaker and educator, travels throughout the country sharing his knowledge and presenting to local, regional, national and International organizations.
Copyright Evidence Solutions, Inc.
Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer.For specific technical or legal advice on the information provided and related topics, please contact the author.
