A few studies found that businesses with less than 500 employees actually experience more cyber attacks on average than their larger counterparts. Cyber attackers believe that the bigger the business the more prepared they are to defend against cyber attacks. Based on over a decade of experience, that is not what we have experienced. However, another factor that comes into play is legal action. Larger businesses are more likely to take legal actions against the cyber attackers and that is a deterrent. The Identity Theft Resource Center (ITRC) issued its 2008 report that stated the number of breaches reported in 2008 was up 47 percent from 2007. A international survey of small and medium sized businesses found that 1 in 5 companies reported a"security
Hacked - Security Recruiter.
incident" in the past year and about 70 percent believed there was a chance that such an event could be serious enough to put them out of business,whether through the costs of rebuilding systems or the damage done to their reputation. The cost of successful cyber attacks continues to rise. The U.S. Data Breach Cost report found that the average total per-incident costs in 2008 was $6.65 million, compared to $6.3 million in 2007. In addition, the average cost of a breach rose to nearly $210 per record compromised in 2008 as well. Finally, third-party organizations were involved in more than 44 percent of all cases in the 2008 study and are also the most costly form of data breaches for a number of reasons. The analysis found that the organizations that devoted less time to preventative cyber security paid a disproportionately higher price when they were compromised. Based on this information, it is clear that U.S. businesses continue to pay dearly for having a data breach. The increasing frequency of data/security breaches, as well as more demanding regulatory compliance requirements, means organizations can no longer ignore this growing risk.
With a 322 percent increase in cyber attacks against small and medium sized organizations in the past year, the risks continue to increase. Every CEO is responsible for protecting the assets of their corporation. These assets include people, intellectual property, corporate and customer information, infrastructure, network, and computing resources. The high cost of a breach, plus the associated regulatory fines that typically follow, are minima lcompared to the loss of image and customerconfidence that accompany most breaches. That being said, security is just one part of the solution. Organizations must strive to retain their integrity. Integrity is the sum of security, governance, compliance and resilience. Without integrity, organizations are at great risk of failure!
What’s Your Integrity Quotient?
4017 Washington Road
Mail Stop 348
McMurray, PA 15317