To some executives, the idea of crime against merchants and high-volume data breaches might seem like the latest Hollywood action movie. While it is a reality for retailers because those are the companies we see on the front page of the Wall Street Journal, it seems like fiction for everyone else. Certainly, it's hard to miss the latest data breaches in the news and the associated high-profile retailers: Target, Nieman Marcus and Michael's. All three companies have been hit with extensive breaches of consumers' sensitive cardholder information. But other industries are feeling the cost of data breaches-both financial and reputational--at an even more aggressive level. And smaller companies aren't immune. In a Verizon 2014 Data Breach Investigations Report survey, nearly a third of all breaches occurred at companies with fewer than 1,000 employees. It's time that we all think beyond retail (and beyond the (IO's office) as being most at risk. If your company handles any sensitive personally identifiable information (PII), you are at risk of a data breach.
When a breach occurs, damage can be swift ... and it appears to be getting worse. According to a report released in February 2014, 2,164 incidents reported during 2013 exposed more than 822 million records, nearly doubling the previous highest year on record (2011). Four of the breaches from 2013 secured a place on the Top 10 All Time Breach List.
This seemingly ever-growing threat cannot be ignored. Companies in virtually every industry that handle sensitive data are targets. According to a recent study by the Ponemon Institute, healthcare, financial and pharmaceutical organizations top the list of the most expensive breaches. And while retail may be making the headlines, it's actually the least expensive data breach per customer record.
American companies seem to be particularly at risk. That same Ponemon study showed that U.S. companies experienced data breaches that resulted in the greatest number of exposed or compromised records worldwide (an average of 28,765 records) and the average loss of business per breach was $3 million.
This rise in data breaches and their resulting cost have companies asking "Am I doing enough to protect my data?" As breaches are expected to continue escalating, taking the proper steps to protect your data has never been more relevant or more important. And while data breaches certainly are a PR and a CIO's nightmare, the cost associated with fines, customer...