2014: Year of the Breach
The following breaches occurred in 2014:
- eBay (145 million people affected)
- JPMorgan Chase & Co. (76 million households and 7 million small businesses affected)
- Home Depot (56 million unique payment cards)
- CHS Community Health Systems (4.5 million people affected)
- Michaels (2.6 million people affected)
- Neiman Marcus (1.1 million people affected)
- Staples (point-of-sales systems at 115 of its 1,400 retail stores)
With headlines like these, it’s easy to think this kind of thing only happens to huge enterprises. But there is more data in every phone, network, and PC than ever before. While you have better tools to collect and store data, guess what? The bad guys have better tools to take it. There are very sophisticated and well-equipped, organized cyber syndicates, individual criminals, gangs, hacktivists, terrorists, and even armies harvesting data. It can—and does—disappear in the blink of an eye.
Don’t think bad guys want your data? Think again.
The ITRC (Identity Theft Resource Center) tracked a record high of 783 U.S. data breaches in 2014. These breaches are confirmed by various media sources and/or notification lists from state governmental agencies. Estimates are that up to 90% of breaches go unreported. It’s not like the Wild West. Today’s gangsters live in the Ukraine and can steal records from a hundred businesses at a time while they sleep. And the next day they can sell those medical records, SSI, and credit card numbers on the Internet.
Additionally, 2014 saw a proliferation of very profitable data ransom schemes executed. With big enterprises spending to defend themselves in 2015, small and midsize health, legal, and retail organizations are the low hanging fruit for the bad guys.
As FBI Director James Comey recently warned, “The Internet is the most dangerous parking lot imaginable. But if you were crossing a mall parking lot late at night, your entire sense of danger would be heightened. You would stand straight. You’d walk quickly. You’d know where you were going. You would look for light. Folks are wandering around that proverbial parking lot of the Internet all day long, without giving it a thought to whose attachments they’re opening, what sites they’re visiting. And that makes it easy for the bad guys.” Are you making it easy for the bad guys to make your business a victim in 2015?
2015: Year to Protect Your Business
Most businesses do not have the resources to recover from breaches. Business continuity and layered security need to be part of every business’ budget and plan. The threat is real and will only get worse in 2015. If your staff and advisors do not have your business prepared, 2015 is the time to put the people, tools, and processes in place to keep you from being next.