A recent Forbes report highlighting noteworthy incidents of the past 12 months, indicated business professionals believe 2014 was the year of the data breach.
"While 2013 was a bad year for IT security, there's no disputing that 2014 was the worst," explained Kevin Jones, senior IT security architect at Thycotic, as quoted by Forbes. "Whether it was insider threats, anonymous or nation-state hackers, 2014 was a bad year for anyone whose job is to protect sensitive data from unsanctioned access."
The repercussions of a security breach can be crippling to a business. If customer data is compromised from a breach, the organization responsible for safeguarding it will undoubtedly incur significant fines. Companies unable to pay the fines are often forced into bankruptcy. Companies trying to recover financially, often see lower profits resulting from consumer distrust.
Compliance does not guarantee security
Business leaders should never assume their information is secure, even if they are compliant with certain industry standards, particularly regarding consumer payments. Kevin Fowler, KPMG Canada Security Advisory Service Partner, noted Payment Card Industry (PCI) compliance regulations provide the "bare minimum" needed to actually process data.
"If you look at Target, they were PCI-certified. Organizations need to focus on having maturity, not just check off the list when it comes to compliance, make sure the controls are effective," Fowler explained, as quoted by IT World Canada.
Retailers in particular must do more to enhance their security, Forbes reported. These businesses are vulnerable to breaches because of how they accept payments. Point-of-sale (POS) devices are often targeted by cybercriminals to obtain sensitive data.
Target was a major victim of a high-profile breach, but it has not been the only big-name brand to experience similar events. Forbes added Dairy Queen, Goodwill and The Home Depot all suffered in 2013 at the hands of attackers.
Jones added the breaches at these businesses emphasize that these companies' POS terminals are failing, so much so that these systems may no longer have a future in the industry moving forward, Forbes reported. These solutions simply put customer data at risk.
Make security a key focus in 2015
If some of the largest brands can fall victim to security breaches, then small businesses shouldn't feel safe. In fact, cybercriminals actually target smaller companies that lack the resources needed to safeguard their systems. While allocating funds for security software is a good idea, without the proper resources to monitor and maintain it - it isn't really protecting your data from malicious attacks.
Managed Network Services provide organizations with dedicated IT personnel to manage and maintain their networks and systems, keeping them protected from virus and malware threats. Pinnacle, an Advanced Imaging Solutions company, is a managed services provider that provides remote monitoring and management (RMM) for clients who do not want the hassle associated with employing and staffing an IT department in house.
Additionally, Pinnacle offers Risk Assessments for companies needing to maintain federally mandated compliance standards. Risk Assessments evaluate an organizations networks and systems to uncover weaknesses and provides recommendations to secure their IT and stay compliant.
If your business wants to avoid becoming the victim of a data breach, or you are tired of trying to manage network security in-house, contact Pinnacle to learn more about our security and compliance solutions.