Verizon’s 2014 Data Breach Investigations Report revealed that the majority of hackers, approximately 60 percent, seek financial gain from cyber activities. Industry spying for intellectual property accounts for approximately 25 percent, and few hack merely for fun. The implication is that hacking is all about the resale value of data, which affects the return on income (ROI) for hackers.
Taylor Armerding of IT News emphasizes the need for organizations to invest in security systems to the extent that it raises the cost for hackers to steal company data. The more it costs a hacker to break through your firewalls or security systems, the lower the ROI for the hacker. Multiple security levels can deter hackers who will find another, cheaper target. A company does not need the latest and greatest defense, but just enough that the possible pay-off for hackers is not worth the cost of an offensive.
Hacking is big business. The value of the data that can be stolen is an indicator of the level of investment a company should consider. The following are suggestions to ensure that your organization is an undesirable target.
- Analyze your data and its value. Credit card data is valuable information that can be easy to sell. Email lists should be protected; email addresses are often the names of multiple accounts that can be accessed. Intellectual property is only valuable to a limited market such as competitors. If this information is hacked, it is likely that there is a pre-determined buyer. Social security numbers are a hacker’s gold, facilitating assumed identities and access to credit lines.
- Security precautions should be diffused and not centralized. Encryption ensures time consuming and costly deciphering tactics, unpopular with hackers. Keeping software up to date will ensure that data is protected by viruses and other traps that are in circulation. Production may have to be temporarily halted if new configurations are required to host applications. However, the cost of a security breach could be greater. Updating software and installing patches is a simple way to make your company more costly to attack.
- Analyze what your competitors are doing. If you can maintain the same level of security, you avoid the likelihood of being targeted by hackers. Convincing management of the need for investment in cyber security requires communicating the risks of negligence in this area.
Contact A&A Search for your IT and financial staffing needs. We find professionals that know your industry, the latest trends, and the current concerns.