Top CEOs are under pressure following a string of major data breaches that are costing the Big Brands hundreds of millions of dollars, reports Computer Weekly. In fact, a recent study sponsored by Hewlett Packard Co. and carried out by Ponemon Institute revealed that the annual average cost of cyber crime for major U.S. Company is $11.6 million. This is a 26 percent increase from last year.
In the week leading to March 6th 2014, Target Corp. Chief Technology Officer resigned after news broke that hackers had stolen in excess of 40 million credit and debit card numbers plus information belonging to at least 70,000 Target customers.
Data breaches didn’t start yesterday. The first major breach was reported back in 2004 when AOL lost more than 92 million records to hackers. Later in 2007, it was TK/TJ Maxx that was attacked with 94 million records being compromised in the process. 2009 saw Heartland and the U.S. military suffer attacks. But the three data breaches that shocked everyone and which double up as the deadliest ever witnessed were the attacks on Adobe, the Massive American Business Hack, and more recently the EBay disaster in which more than 145 million records were compromised.
So, why are data breaches even more common today?
There are two main reasons for the sharp rise in high profile data breaches;
The growing value of personal information.
Hackers are becoming more efficient and better organized as companies struggle to effectively secure heir system
The growing value of personal information
When millions of transactions are now being completed online including payments for goods and services, you can tell that there is so much more to gain from hacking today than it was a decade ago. Major retailers now store large amounts of customer information online; information that not only includes debit and credit card numbers but also passwords, login names and so much more. According to the vice president of Europe at Voltage Security, Mr. Andy Heather, hackers are no longer just looking for financial data because they know such data have a limited lifespan; as soon as the victim changes account details, the financial data becomes worthless. Personal information can be used for a much wider range of identity theft and fraud. Another reason why personal information is a more valuable asset is because such information “simply cannot be changed.”
Hackers becoming more sophisticated and organized as companies lag behind
When you want something so much, you’ll do everything to get it. However, it looks like this statement makes more sense to hackers than it does to companies. An annual report compiled by Verizon on Data Breach reveals that corporations are either not keeping up with the scope of data breach attacks or they are way too slow in their reaction. While attackers can now hack a large enough system in a matter of hours, it still takes months for companies just to discover that their systems were hacked.
“We’ve got a lagging situation here”, says David Burg who represents the U.S. advisory on cyber-security at PricewaterhouseCoopers (PwC). “Businesses are not acting quickly enough.”
According to the Verizon report, there were 63,437 incidents of successful hacks into companies’ security systems in the 2013-2014 period resulting in 1,367 instances of data lifting. The study also revealed that these attackers work in groups of professional hackers; they’re “pooling skills, resources, and infrastructure” for trading the stolen material.
To deal with this situation, companies must assume that all security systems can fail and that they should start protecting personal information and other critical data more aggressively.