At the March 2017 SXSW interactive festival in Austin, Texas, two young Congressmen discussed creative ways to attract cybersecurity experts to serve in government, including the National Guard. This comes at a time when the cybersecurity workforce is projected to be short 1.8 million employees in 2022, according to CIO.com.
The shortage of cybersecurity experts coupled with the increasing frequency and severity of cyberattacks should prompt public and private sector organizations to evaluate the cyberdefense they have in their own arsenal.
Heavily Regulated Industries, Take Note
Each record containing sensitive and confidential information that is lost or stolen in a data breach costs an organization $158 on average, according to the Ponemon Institute’s 2016 Cost of Data Breach Study. For some businesses, a cyber breach can be insurmountable – nearly 60 percent of small companies go out of business following a hack, according to the House Committee on Small Business.
Every industry is vulnerable to a cyberattack, but certain industries face higher data breach costs. Heavily regulated industries, including health care, education and financial organizations, tend to incur a loss substantially higher than the average $158 per capita data breach cost. In health care instances, the cost is more than twice the average.
Negligent Employees and Contractors Cause a Quarter of Data Breaches
While most data breaches are caused by malicious or criminal attacks, 25 percent are caused by negligent employees or contractors, or “human error.” For cybercriminals, exploiting people is becoming easier than defeating modern security software.
Through tactics such as email phishing, attackers gain credentials and other sensitive information and typically also install malware to hunt for other sensitive data, or, if you are really unlucky, install ransomware. Third-party contractors can also mismanage critical organization or customer data, whether intentionally or through ineffective IT security and controls. In fact, third-party involvement in the cause of a data breach increases the per capita data breach cost.
Strategies to Mitigate the Risk
To help combat this threat, aside from system hardening and email filtering, organizations should start a security awareness program to train anyone with an email address to identify suspect emails and report them.
Also include a scenario in your incident response plan for how to identify, report and quarantine a malware attack. Having an incident response team and employee training are factors that decrease the per capita cost of a data breach, according to the Ponemon study.
To learn more about the latest cybersecurity updates, particularly in the financial services industry, attend the April 20 event “Stay Out of the Headlines: Cybersecurity Update for Financial Institutions.”
If you would like more information regarding a cybersecurity strategy for your organization, contact Anthony Munns, Partner, Advisory Services, at 314.983.1297 or firstname.lastname@example.org.