One-third of US companies breached last year, consumers pay the price


The ongoing battle between businesses and cybercriminals is placing consumers in the crossfire – and many don’t even know it. Last year, 34 percent of US-based companies experienced some type of online security breach, according to a report from Bitdefender. Even more alarming – two-thirds of companies surveyed said they would pay an average of $124,000 to keep the hack private, leaving unsuspecting customers in the dark.

The landscape of unsecured data is growing – nearly 80 percent of Americans shop online, according to a December report from Pew Research. That’s roughly 251 million people, a huge jump from just 16 years ago, when only 22 percent of Americans shopped on the web. But online buyers aren’t the only ones at risk – a quick credit card swipe can send financial data straight into the hands of cyber thieves, as Arby’s and InterContinental Hotels Group proved earlier this month.

Paying exclusively with cash or avoiding internet retail isn’t enough – using an email account from a company like Yahoo can place personal information at risk. And while 34 percent may not seem that high, the figure only included companies that revealed security breaches. Many, fearing bad publicity, did not.

“The statistics around 2016 data breaches or business compromises are only those reported,” cybersecurity expert Kenneth Holley told us Sunday. “We know that many businesses, for a variety of reasons, simply do not report breaches.”

Holley is a 24-year veteran of the online security industry and co-founder of Shield Logic, a Washington, D.C.-based firm that provides protection for federal, state and local US governments. He is also the CEO of Information Systems Integration.

Most companies “aren’t doing nearly enough” to protect themselves, Holley said.

“Based on recent studies, we know that 95 percent of security breaches involve human error. This means that the vast majority of attacks are against people, not technology,” he explained. “A sound security defense involves multiple layers, beginning with a firm’s staff – the development of culture of security awareness – physical security, premise security, risk assessment.”

Unfortunately, no business is impenetrable. A company can still get infiltrated by malware or experienced hackers, even if it has a strong security network.

“We should all understand that 100 percent protection against breaches and compromise isn’t possible, and a sound security posture isn’t static, it is an ever-evolving process,” Holley said. “Without question, the breach trend is getting worse, and in many ways, we are in the digital fight of our lives.”

Author: Jessica Smith
