- Managed DaaS
- Happy End Users
Conceptually, most organizations know that security is important. When it comes to making the investment to protect corporate and customer data, though, not all companies have made the commitment to the policies, procedures and technology needed to adopt a truly strong security posture. But two new studies were recently released that should have companies taking a long, hard look at security.
Cisco released the 2017 edition of its annual Cybersecurity Report. Here are a few key takeaways that should have organizations very concerned:
Meanwhile, IDC released a special report looking at U.S. consumer sentiment and opinions regarding data security and privacy. This poll held even more bad news for organizations that struggle with security.
Though cybersecurity has been a topic of discussion for years now, it’s important to not get desensitized to the threat – because it’s growing. The year 2015 saw the second most U.S. data breaches since the Identity Theft Resource Center started tracking the metric. A year later, 2016 set a new all-time record, seeing a 40% year-over-year increase in data breaches. Breaches within the business sector dominated, accounting for 45% of incidents, followed by healthcare/medical breaches (34%).
Hackers aren’t the only threat either. Employee mishandling of data (whether malicious or unintentional) can result in security breaches and compromised data as well. For instance, a recently discovered data breach within the healthcare industry was the result of “highly confidential information [having] been accessed and copied onto a flash drive without authorization,” as reported by the HIPAA Journal. That flash drive was subsequently “allegedly lost,” further exposing the sensitive data to unauthorized access. In fact, 46% of major personal health information (PHI) related breaches in 2016 were the result of unauthorized access/disclosure or loss, both categories generally dominated by employee mistakes.
The trends in breach incidents, coupled with clear consumer concern and dire business ramifications make it clear: cybersecurity can no longer be ignored, postponed until later or approached with a “wait and see” or “good enough for now” mentality.
“Security teams who believe they will dodge this bullet are ignoring the reality of the data. … Given the attackers’ range of ability and tactics, the question isn’t if a security breach will happen, but when.” – Cisco 2017 Annual Cybersecurity Report
Strong policies and consistent employee training are important components of a security program, but organizations need to consider taking a stronger stance, including physically baring certain high-risk desktop functions and ensuring all data is encrypted and secure at all points of access, transmission and storage.
Storing sensitive data on endpoint devices or allowing employees (including third party contractors) the ability to mishandle information by copying/pasting, saving to external drives or cloud locations, printing, etc. are going to lead to ever increasing threats and a higher chance of a high-profile breach. The public is increasingly aware of these threats – and increasingly unwilling to do business with organizations that aren’t taking proactive steps to guard their data. While organizations shore up their internal approaches to security, they need to heavily consider outsourced vendors who also make security a top priority and help solve the security problem.
Learn how Dizzion can help address endpoint and end user vulnerabilities with desktop security and controls.
Nov 08, 2018
Learn how Dizzion helped Mindseeker create a secure, HIPAA compliant, easily scalable environment for remote medical coders. READ MORE