For retailers, the cybersecurity horror stories are almost too numerous to count: Target, Neiman Marcus, Home Depot, etc. But for executives in other sectors, the cautionary tale is that of health insurer Anthem.
For directors of companies in industries like finance and health care that are centered around client trust, suffering a major breach like the one that hit Anthem at the beginning of 2015 is just as devastating. More than 80 million account holders were affected during the breach, making it the largest hack of its kind. In an interview with CIO, Peter Gleason, president of the National Association of Corporate Directors, explained that decision-makers in these industries are especially on edge right now because cyberattacks are in the news every day and are kept front of mind.
“It’s the foremost issue on directors’ minds right now because it’s tied into the risk structure of the organization,” said Gleason.
“Last year nearly 43 million security incidents were detected.”
While the risks associated with hackers and cyberattacks are the hottest topic in board meetings, corporate oversight of cybersecurity follows behind in a close second. Last year nearly 43 million security incidents were detected, an increase of 48 percent from 2013, according to research by professional services firm PricewaterhouseCoopers. The average cost of those incidents was around $2.7 million, and the amount of businesses that reported losing more than $20 million due to a security incident increased 92 percent between 2013 and 2014. Perhaps the most worrying statistic is that as many as 71 percent of cyberattack victims did not detect the hack themselves, but instead were informed by a third party about the issue.
Data breaches come with silver lining
While this may all seem like bad news, it does come with a silver lining. According to a recent study by business risk consulting firm Protiviti, there is a positive correlation between how much the board is engaged with cybersecurity and the strength of IT security solutions. The prevalence of data breaches has forced decision-makers to be more concerned with their organizations’ cybersecurity posture and fostered increased communication between CIOs and board members.
“By providing corporate directors with meaningful intelligence on a regular basis, savvy CIOs and CISOs not only educate their boards about the issues they should focus on as they oversee security-related initiatives; they also garner high-level support for building robust security systems and adopting processes and policies necessary to protect corporate data,” CIO contributor Stephanie Overby noted.
Cybercriminals continue to grow more sophisticated and invent new attack methods to target organizations storing large amounts of data. One of the most reliable ways to protect client data is to utilize cloud storage services. Information stored in the cloud is easily encrypted and can be kept in a separate place from other enterprise information. Employing a cloud solution also improves business continuity procedures by keeping sensitive data in the cloud as duplicate data can be stored off-site and kept safe in case a system is compromised or a disruptive event were to occur.