Why Your CEO Should Care About Information Security
The US Federal Government, 60 million South African citizens, 57 million Uber customers and the British National Health Service. What do they all have in common?
They’ve all hit the news recently as victims of security breaches, cyber attacks or hacks.
At times it feels like nobody is safe. If you want to avoid a similar outcome, now is the time to focus on information security.
Why Is Information Security Important?
Transactions, knowledge, communications, databases, infrastructure; an organisation’s information is arguably its most valuable asset. Regardless of legal or regulatory requirements, it is in a business’ best interests to keep its information close to its chest and out of the hands of competitors, to retain data integrity, and to make sure all information is available wherever and whenever it’s required for business operations. Fail to do this, and vital information could get into the wrong hands or be rendered otherwise useless.
What Is Data Protection?
Let’s think of data protection as the rules; a set of laws, regulations and best practices telling us how we should collect and use personal data or information about individuals.
In the US, unlike Europe, there is no over-arching data protection legislation, so why is data protection important? If recent breaches have shown us anything, it’s that the fallout for organizations can be far greater than just legal consequences. People generally expect that companies will safeguard their sensitive data, so any loss of this trust can have huge ramifications for future custom, and ultimately a business’ bottom line.
The increase in the amounts of data we’re storing, easier portability of this data and penalties for failing to comply with strict data protection regulations, such as the EU GDPR and New York Cybersecurity, mean that now, more than ever, organizations need to get hot on keeping stuff secure.
The Importance Of Data Security
A subset of information security, data security is, about keeping your data safe. With heavier reliance on computers, there are a number of potential threats to the data you’re storing. Data can get lost due to system failure, corrupted by a computer virus, deleted or altered by a hacker (or even by an employee with a grudge!). A simple user error can result in an overwritten or deleted file or, often caused by lost devices such as a tablet or smartphone falling into the wrong hands.
There are several data security methods you can put in place to guard against these things, but does it really matter? As Equifax discovered earlier this year, it turns out the answer is yes.
3 Ways A Security Breach Could Impact Your Organization
1. Costs, Fines & Reparations
According to the Ponemon Institute Cost of Data Breach Study 2017, the average cost of a data breach in the US in 2017 was $7.35 million. That’s 5% up from last year. This figure includes legal fees, fines, auditing services, repaying customers and other financial losses.
2. Reputational Damage
The Equifax data breach earlier this year that saw 143 million US citizens’ data fall into the wrong hands, is thought to have cost Equifax $87.5 million. But worse, if you type Equifax into the Google search box and look at the autocomplete suggestions, you’ll see ‘Equifax breach’ and ‘Equifax hack’ topping the list. And if you search for the company’s name alone, you’ll be faced with a sea of articles about the hack.
How’s that for reputational damage?
3. Job Losses
If it’s your responsibility to worry about this stuff, you could be forced to carry the can for any repercussions by exiting the organisation. Uber’s recent scandal (and subsequent cover up!) resulted in the removal of two employees including the company’s Chief Security Officer, Joe Sullivan and the company legal director, Craig Clark.
In high profile cases over recent years, top level executives at Target, Yahoo and Equifax have paid for security breaches with their jobs.
As organisations, we are storing and using even more data in the course of doing business. It is therefore essential that organizations address this with suitable data protection to protect from financial losses and reputational damage.
In the end, the importance of data security is no longer just a ‘techie’ concern – it should be a board level concern, and part of your organisation’s business strategy.
Don’t wait for a breach… discover what sales-i can do for you and secure your data now!