Understanding the impacts of a data breach
As the home office and remote working creates new, unforeseen vulnerabilities in data security, so have the costs of incidents risen dramatically. According to research from McAfee and the Centre for Strategic and International Studies (CSIS), the total global cost of cybercrime has surpassed $1 trillion per year, and about $500,000 per company.
One of the main emphases of the report was a lingering lack of understanding on the full scope of consequences at stake. Although the financial and national security aspects might be well attended, says Steve Grobman, senior VP and CTO at McAfee, others like investigative, productivity and performance costs are less considered. Data breaches can leave scars on a business long after the incident has passed. The best way to mitigate this is sufficient preparation. Moreover, increased online business creates more opportunities for cyber criminals, and perhaps there is more than just correlation behind the numbers (though this is still partially speculative). Indeed, a Microsoft report examining the first half of 2020, in which it states that hacker attacks increased by 35% during that period, further demonstrates what’s been happening.
Over the past several years, we have even reached a point where the IRS is issuing statements advising people to take cybersecurity seriously during the holiday season.
Phishing also remains one of the most prevalent means of attack, allowing relative ease of access for hackers who manage to fool even just one person. Such a preference for this method should be a strong impetus for companies to guard against it. Traditional tools like antivirus and firewalls won’t be enough if a malicious actor possesses stolen credentials from a legitimate source. Without securing the data itself or training staff on the best defensive behaviors while working from home, more incidents will occur.
Ultimately, what the McAfee and CSIS report reveals is a lack of preparedness and understanding, which puts organizations at a disadvantage in the fight to protect their data. Unique challenges have been presented this year, both for companies and hackers alike. The question is who will have the greater motivation to succeed.