There has been a 48% increase in cyber-attacks from 2013 to 2014, and so it is no wonder that data security is at the forefront of our minds. When dissecting the components of data breach and security failures, it becomes clear that cyber-attack trends are escalating. An increase in the transfer of data can increase the opportunity for attack – a daunting fact for many companies.
In light of the recent cyber-attack on Sony, as well as other major corporations such as Target and Home Depot, it is necessary to increase information security. The question is: How? Information security can be made better by increased awareness, added spending, and improved technological solutions. The purpose for protection is threefold: for confidentiality, to keep data private; for integrity, so that information cannot be altered; and for availability, the accessibility of data when needed.
The tactics companies have employed to decrease the occurrence of data breaches include highly developed infrastructures and processes, as well as educating users. In layman’s terms, the approaches can be seen as either technical or administrative. Technical strategies range from firewalls, antivirus systems, and anything technology-based to improve security and prevent attacks. As for administrative strategies, companies continuously educate and implement policies to protect data.
According to Gartner, Inc., worldwide spending on information security increased 7.9% from 2013 to 2014. The expectation for most corporations is that spending on security will continue to increase. It is projected that total “spending will grow a further 8.2% in 2015 to reach $76.9 billion.” The steadily developing nature of technology in cyber-attacks is reason enough to regularly advance technology in cyber-security. Awareness, understanding and progress are essential to a corporation’s success when it comes to protecting data.
For corporations, security breaches can lead to multiple issues: reputation loss, financial, loss, IP loss, legal action, loss of customer confidence, and business interruption costs. Since the losses and costs are so widespread, it is important to take a holistic approach to data security and provide a multistep defense against attack. Corporations are taking a closer look at technology, and also developing people and processes that can provide greater security.
Security is hard to guarantee, but it is in a corporation’s best interest to be prepared and follow through with a strategy to defend data and information from cyber-attack. Corporations need to not only look internally, but to take a deeper look at advisors, suppliers and vendors who touch their data.