01732 759725
BULLETIN : TRENDS
4
Businesses to blame
Less than one third (29%) of consumers
believe that businesses are doing enough
to protect their data and more than half
(58%) expect their personal details to
be stolen at some point in the future,
reveals the 2016
Data Breaches and
Customer Loyalty
report from Gemalto.
Two thirds of the 9,000 consumers
surveyed say it’s unlikely they would do
business with an organisation responsible
for exposing financial or sensitive data.
Consumers believe 70% of the
responsibility for protecting and securing
customer data lies with the company that
holds it and just 30% with the individual.
Gemalto claims that more than 4.8
billion data records have been exposed since
2013, with identity theft accounting for 64%
of all data breaches.
Salaries for IT security professionals and data analytics/BI specialists are set to
grow significantly in 2017, by 8% and 4% respectively, according to the
2017 Robert
Walters Global Salary Survey
.
We’re all social now
Half the world’s population, or 3.773 billion people, is now
connected to the internet, according the latest digital trends
report by social media management platform provider
Hootsuite and marketing agency We Are Social.
Digital in 2017
reveals that in the last 12 months global social media use
has risen by 21%, reaching 2.8 billion users globally. Of these,
91% access social media from mobile devices, a rise of 30%
compared to last year. Hootsuite says that as increased use
of smartphones and social messaging has changed the way
people communicate, organisations should transform their
communications strategy to increase customer engagement
and real-time interaction across the customer journey.
Over one third of organisations that
experienced a cyber security breach in
2016 reported customer, opportunity and
revenue loss of more than
20%, Cisco claims in a new
study, the
Cisco 2017 Annual
Cybersecurity Report
(ACR).
The survey of 3,000 chief
security officers (CSOs) and
security operations leaders
in 13 countries reveals
that 22% of breached
organisations lost customers,
of which 40% lost more than
20% of their customer base;
29% lost revenue, of which
38% reported losses of more than 20%;
and 23% lost business opportunities, of
which 42% lost more than 20%.
After experiencing a breach, 90%
of affected organisations chose to
improve their defences and processes by
separating IT and security functions (38%),
increasing security awareness training for
employees (38%) and implementing risk
mitigation techniques (37%).
Budget constraints, poor compatibility
of systems and a lack of trained talent are
seen as the biggest barriers to enhanced
security.
Another problem highlighted by
the report is the complexity of security
environments, with 65% of organisations
employing from six to 50 plus security
products. Cisco warns that this increases
the potential for security effectiveness
gaps and helps explain why 2016 saw a
resurgence of ‘classic’ attack vectors, such
as adware and email spam.
Cisco says spam has reached levels
not seen since 2010, accounting for 65%
of email traffic, and that 8-10% of spam
messages are malicious.
It advises organisations to take the
following steps to protect themselves:
n
Make security a business priority:
Executive leadership must own and
evangelise security and fund it as a priority.
n
Measure operational discipline:
Review security practices and patch and
control access points to network systems,
applications, functions and data.
n
Test security effectiveness:
Establish
clear metrics to validate and improve
security practices.
n
Adopt an integrated defence
approach:
Make integration and
automation high on the list of assessment
criteria to increase visibility, streamline
interoperability and reduce the time to
detect and stop attacks.
Increased security spending
ineffective
Despite greater spending on cyber
security, the number of IT security
executives in large firms who have
experienced a security breach continues
to rise.
More than two thirds (68%) of the
1,100 senior IT security executives
surveyed for the 2017
Thales Data Threat
Report
(produced in association with 451
Research) say they have experienced a
security breach at some point, with 26%
suffering one in the last 12 months.
Both these figures have risen in the last
12 months.
Expenditure on security is up too, with
73% of organisations reporting increased IT
security spending (up from 58% last year).
The top two spending priorities are network
(62%) and endpoint (56%) protection
solutions. Spending on data-at-rest
solutions is at the bottom of the list (46%).
The main reasons to invest in IT security
are compliance (cited as a top spending
priority by 44% of those surveyed), followed
by best practice (38%) and protecting
one’s reputation/brand (36%).
Cyber criminals are viewed as the
Number One external threat (44%), ahead
of hacktivists (17%), cyberterrorists (15%)
and nation states (12%). The list of insider
threats is headed by privileged users
(58%), followed by executive management
(44%), ordinary employees (36%) and
contractors (33%).
Thales warns that because of the cloud
and SaaS enterprise deployments, more
and more enterprise data is being created,
processed and stored outside corporate
network boundaries, making traditional
perimeter-based security controls and
legacy network and endpoint protection
solutions less and less relevant.
As a minimum, it advises organisations
to:
n
leverage encryption and access controls
as a primary defence for data and consider
an ‘encrypt everything’ strategy;
n
select data security platforms that
address a variety of use cases and
emphasise ease of use; and
n
Implement security analytics and multi-
factor authentication solutions to help
identify threatening patterns of data use.
Businesses pay price for poor security in
lost customers and falling revenue
Salary hike
