Humans are notorious for saying one thing but doing another. Data security is a case in point.
A year ago I would have agreed with this stat from CGI (and other similar studies), showing that cybersecurity would become a differentiator (i.e. that firms which have access to our personal data would promote that they really do keep it safe and use this to get ahead of their competitors). Anyone who’s ever had to deal with identity theft would doubtless agree.
But then we see this startling stat: even in something as sensitive as financial services, convenience trumps security massively.
I also attended a few data security sessions at the Data Management & Intelligence Conference in Edmonton a few days ago and discovered that it is almost impossible (maybe IS impossible) to keep data secure. Here are a few things I learned from the experts.
Cybersecurity Statistics You Need to Know
First, from Dr. Amelia Estwick, of the National Cybersecurity Institute in Washington D.C. (who is an awesome speaker, by the way!):
- Data breaches are becoming much more frequent and bigger. And …
- Even once you realize your security has been breached, …
Cybersecurity expert, Karen Lopez (@datachick), had a few more scary stats and facts for us:
Corporate Perspective on Data Security
In light of those findings, companies may just shrug their shoulders and give up. They’ll take a few basic security precautions, but risk not having a breach, or at least, not being found out.
That’s a bad idea, for a variety of reasons.
- You could get sued. (Though I’m surprised we haven’t seen more class action lawsuits over data breaches.)
- It might not just be customer information that is stolen; it can be corporate secrets, financials, client lists and sales figures too.
- It can bring your website crashing down. Depending on the type of breach and how the attackers use your site once they are in, it could also get you delisted from Google.
Check out this interview with cybersecurity expert, Saar Cohn (Http://frankreactions.com/90) for more on the topic, and ideas of what your organization can and should be doing to lower risks.
What Individuals Can Do To Increase Their Personal Security
Karen Lopez had these suggestions:
- Don’t give Facebook or other sites any more personal information than they really need. If they insist on birthdates, phone numbers, etc., you can give fake ones. It is far too easy to put together data from different sources to get a complete picture of who you are, and to steal your identity.
- Have a “Starbucks name”: don’t make it easy for strangers to discover who you are in the physical world either.
You might also want to read (or listen to) these posts: