Organisations 'not doing enough' to prevent data breaches
Organisations need to do more to prevent themselves from experiencing data breaches, as many people are of the opinion that not enough is currently being done.
This according to a new report from the Internet Society, which found that 59% of users would be reluctant to do business with an enterprise that had been compromised.
The paper was keen to highlight how damaging a data breach can be. Not only does it negatively affect the organisation that has been attacked, it also impacts on its employees and consumers.
Moreover, it damages the way people think about technology. As Michael Kende, the author of the report, noted, “the ultimate casualty is trust in the internet”.
“The vision of the Internet Society is that the internet is for everyone, everywhere,” he stated.
“Trust in the internet is at the core of that vision. Without trust, those online are less likely to entrust their personal information to the internet, and, those who are not yet online will have a reason to stay offline.”
One of the most interesting points raised by the paper concerns the seeming lack of investment from businesses in information security, said Kende, an economist and internet society fellow.
He added that while many appreciate the seriousness of data breaches, organisations are “not doing everything they could to prevent” them from happening.
To help change this, the Internet Society has come up with some recommendations on what can be done to boost cybersecurity efforts.
This includes making organisations more accountable for data breaches, making information security a priority and increasing transparency around security incidents around the world.
“Up-to-date security systems, usable security, and awareness on how to deal with threats and social engineering are needed for reducing the opportunities for data breaches and device compromise,” commented Olaf Kolkman, chief internet technology officer at the Internet Society.
“The report shows that as much as 93% of all breaches could have been avoided if the correct measures were put in place.”
A study from earlier this year revealed that many IT professionals are not confident that they would be able to protect data in the event of a successful attack.
Article by Narinder Purba, We Live Security blog