It's been a rough year for businesses when it comes to data breaches. A new report from ThreatTrack Security suggests that things will improve dramatically in 2015—that is, unless the survey participants are overstating the efficacy of their network defenses. It’s important for you to take steps to secure your own data to make sure you’re protected either way.
The title of the ThreatTrack report—2015 Predictions from the Front Lines: Cybersecurity Professionals Very Confident in Their Ability to Fight Data Breaches in 2015—spells it all out. The survey of 250 IT professionals from companies of 2,000 or more employees reveals a high level of confidence when it comes to guarding against cyber attacks.
The summary of the report states, “though security professionals expect their organizations to be increasingly targeted by cybercrime in 2015, they are feeling optimistic—so much so that a significant majority is willing to personally guarantee the safety of their customers’ data. Their optimism appears rooted in plans to invest in the coming year on shoring up cyber defenses.”
Let’s start by taking a look at some of the findings from the survey. Nearly seven out of ten respondents believe their organizations are more likely to be targeted by a cyber attack in 2015. However, 94 percent indicated that their ability to detect and prevent data breaches will improve in 2015.
There is nothing wrong with IT professionals' having confidence in their efforts and capabilities when it comes to protecting against cyber attacks, and defending against data breaches. But saying that security defenses will improve is a long way from saying it will be effective or sufficient. There are variety of ways a company can improve security policies and tools, yet still be exposed to significant risk. When more than 80 percent of those surveyed are issuing personal guarantees, it suggests that IT professionals are in denial and continue to believe that data breaches are just something that happens to other companies.
If you had asked a year ago, Target, Home Depot, Michael’s, and other victims of recent major data breaches would most likely have stated that they, too, were confident in the security policies and tools they had in place. The compromise of point-of-sale systems, though, and attacks like the DarkHotel cyber espionage campaign have a way of evading detection and wreaking havoc despite the best laid plans of IT professionals.
What does that mean for customers? You can exercise some control by choosing which companies you’re willing to do business with, but ultimately you’re going to be trusting your data to someone.
However, you can’t afford to have complete faith. Nobody will guard your data as tenaciously as you will yourself. Take steps to protect yourself: Use strong passwords, employ two-factor authentication anywhere you can, and use more secure methods of payment where possible—especially during the upcoming holiday season.