Cybercrime incidents are only set to get worse as companies continue to ignore the pervasive threat posed by virtual criminals, who are operating with more sophistication and stealth every day.
A 2014 US State of Cybercrime survey highlighted the mounting disparity between enterprise security mechanisms and the criminal forces that constantly threaten them. Unfortunately, it’s this latter group that appears to be winning out. The survey — which was released by PwC US and CSO magazine and reported in Continuity Central — suggests that businesses are not doing nearly as much as they need to be when it comes to guarding against attack.
A Concerning Lack of Preparedness
Of the enterprises surveyed, the average number of security incidents per business stood at 135 over the past year. This number is reflective of an increasingly potent malicious atmosphere, one that threatens businesses of all types, not just the obvious targets like financial institutions.
Yet despite the proliferation of attacks and the costs incurred when dealing with one — annual security losses for an average business are around $415,000 — businesses don’t appear to be taking suitable measures to firm up security.
Of those surveyed, a mere 38 percent of respondents said they had a formal system in place to invest in proactive security solutions. For the rest of the companies, simply sitting and waiting to be attacked seems to be their unfortunate modus operandi. The lack of enterprise preparedness is particularly surprising given that nearly 60 perfect of the companies surveyed admitted they were more anxious about cybersecurity threats this year than last.
In an Age of Increased Company Accountability, Better Security Measures are Imperative
Just as cyberattacks are going to grow in intensity, so too will the storm of public scrutiny toward breached enterprises. As InfoWorld contributor Paul Venezia points out, that’s exactly the way it should be.
“If [companies] are going to collect and maintain data on their customers that can be used by bad actors to steal money and the identities of those customers, they need to be held accountable in ways significant enough that the markets do care,” he wrote. “Only then will we see actual change in the way that data is managed and secured.”
In his piece, Venezia vented his frustrations at receiving a call from his credit card provider that his card had been potentially compromised, even though the company could not tell him by whom. This concern is not Venezia’s alone; it extends to many customers, and it is cause for change.