The significant costs and loss of customer or client trust has many businesses concerned with suffering from a data breach. These incidents have risen sharply since 2005. More than a decade ago, only 200 data breaches were reported, but through the end of 2014, that number had increased six times.
This is partially due to both the improvements in companies’ abilities to detect when they’ve been hit by a breach and the introduction of dozens of laws nationwide that require greater reporting for companies that suffer breaches in the first place.
While many companies have not been hit with data breaches, experts generally advise that the question is “when” not “if.” With this in mind, and with October being Cybersecurity Awareness Month, companies should do all they can to make sure they’re protected in such an event.
PUTTING A CYBERSECURITY PLAN IN PLACE
There are a wide variety of laws across the country for how different organizations should protect their data. Companies should use these laws as a baseline to develop plans for how they will deal with a data breach, so that when the company is hit, all decision makers know exactly how they’re supposed to react.
Some companies may be put at risk for data breaches even if they aren’t the ones being targeted by hackers because employees use their work email accounts when registering for social networks, software, and dating services. An estimated 97 percent of large employers worldwide have likely had at least some employee account details exposed in a data breach in the past few years.
” … the best thing companies can do is determine where and why they may be vulnerable to a breach.”
When developing the plan, the best thing companies can do is determine where and why they may be vulnerable to a breach. Knowing this can help inform how to best boost security and prepare for the event. In turn, this helps companies improve safeguards against a breach while continuing to operate as normal.
Companies should also evaluate how sensitive data is shared with third parties to avoid potential pitfalls. While thinking about how to protect the data digitally, companies should be thinking about how they protect the data physically as well. Many times, critical information is sent and received constantly and is stored in multiple places from physical file cabinets, the cloud, and hard drives. Devices used to access files vary as well.
To decrease the likelihood of an accidental hack, companies should take the time to train employees how to properly handle this sensitive data on an ongoing basis. The more that can be done in this regard, the less likely an accidental breach will occur.
Follow CyrusOne on Twitter @CyrusOne.
Delivering what’s new and next in Dallas-Fort Worth innovation, every day. Get the Dallas Innovates e-newsletter.