From the recent hack of the Stellar Lumens cryptocurrency to the Petya cyberattack that affected pharma giant Merck and shipping conglomerate Maersk, cyber attacks have brought various companies to their knees. For most business owners, these are remote threats that seem to wantonly strike other entities; of which they consider themselves to be unlikely targets.
However, one thing is clear – with companies like Yahoo, Sony, JP Morgan, Deloitte, Adobe, Subway, Google and Uber facing data breaches, no company can presume to be safe. These high-profile attacks are just the tip of the iceberg. The use of a variety of tools and attack vectors – phishing, DDoS, and even AI – to compromise company websites or datasets have changed cybersecurity paradigms.
Companies can no longer hope to pass under the radar – any company with customer information is a potential target. According to ‘The State of Cybersecurity 2017’ survey by Limelight Networks, over 90% of consumers in South East Asia check if a website has been compromised in the past before transacting on it.
This has implications for companies, revealing that they need to work toward preventing data breaches to ultimately secure customer confidence. There are two distinct reasons why almost all companies have become more vulnerable in today’s digital age than before.
Firstly, companies today collect a much larger set of customer data, which range from the irrelevant to the extremely personal or crucial. Websites, applications, and social media networks constantly collect personally identifiable information (PII) and make it available for analysis. This makes data repositories of companies extremely lucrative targets for cyber attacks.
Businesses need to know that consumers are extremely concerned about their data and privacy online, with the report also revealing that over 75% of consumers are concerned about having their personal information leaked online. As such, they need to address these cybersecurity concerns effectively and communicate with their customers about these efforts to assuage their fears.
Secondly, companies operating in the digital arena are now connected to an increasing number of networks, resulting in more attack vectors and vulnerabilities added to their systems. Often, the breach of company data might occur due to online service providers.
For example, Uber and Accenture suffered from data breaches related to leaks in their cloud data. A breach in customer data, even if not the company’s fault, can have disastrous effects. This includes a material revenue impact of being hacked, apart from the costs of dealing with a breach.
According to the Ponemon Institute’s study on the cost of data breaches, the average data breach costs companies USD 3.62 million. With increasing government oversight and the new EU General Data Protection Regulations coming into force in May 2018, companies will be legally obligated to protect customer data for EU citizens.
Thus, 2018 is an important year for businesses to invest in expertise and adopt comprehensive security solutions. Given the distributed nature of company data in today’s cloud-oriented networks, on-premise cybersecurity solutions are just not adequate to safeguard all of a company’s secure information.
Cloud-based cybersecurity solutions, firewalls for online platforms, security applications to prevent data loss, and strong in-house talent are all the building blocks of a strong ‘cybersecurity stack’ which can help protect customer data from a variety of different vectors. In spite of these clear incentives to prevent breaches, companies continue to remain vulnerable to cyber attacks.
This could be a result of lacking the resources – human or monetary – to deploy a comprehensive cybersecurity system. Nonetheless, with the growing sophistication of cyber attacks, any company could be the next to make headlines for falling prey to a data breach. It is thus imperative for companies to prioritise protecting their businesses. Spending on cybersecurity solutions, through specialised providers that offer affordable end-to-end services, will prove to be a worthy investment in an age of uncertainty.