There is the assumption that data breaches only affect larger organizations. Many small and medium-sized business (SMB) owners believe nobody would be “interested” in their small business. This belief comes at a cost. The Harper Midsize Business Monitor for 2014, which was recently released, shows that 43% of midsize businesses suffered a data breach in the past 3 years.
Millennials are the single largest generation in the US workforce; in 10 years this age cohort will account for 75% of the workforce. Millennials are the first generation to grow up with technology, often called “Digital Natives.” These Millennials assume they know a lot about technology, and so do employers. The problem is, Digital Native does not mean Tech Savvy, and therein lies a whole load of problems for data security.
The compliance landscape has been undergoing rapid changes throughout 2015, particularly in the US at the State level. While Federal legislation is still pending (and controversial), and International legislation such as the EU General Data Protection Regulation will impose drastic changes on many global organizations, the continued rapid pace of change in the US means that organizations must constantly stay on top of an ever-changing set of requirements.
Absolute Software recently attended the Gartner Security Risk Management Summit held in Washington, DC. As you can expect, risk management & compliance and security in the digital age were hot topics of discussion this year. While there, Absolute Software’s Ali Solehdin, a senior product manager here, talked with the Information Security Media Group for Data Breach Today about our role in helping organizations secure data and prove compliance.
When it comes to data, IT is tasked with the ever-increasing demands of users to do more, wherever and whenever they want, on any device. The demand to meet the needs of end-users has to be balanced with the need to protect data, and in this IT is often left with a difficult balancing act. Restrict data too much and employees will find a way to circumvent the rules. Give too much freedom and data remains unprotected.
A common nightmare scenario for security leaders today is having a laptop, tablet, or smartphone – loaded with sensitive information – go missing. When devices are lost or stolen and personal data is breached, organizations face increasing obligations to disclose incidents to the affected individuals and/or government agencies. The increased number of data breaches have driven many updates to data legislation this year alone, with more on the horizon. These rules, while also protecting the consumer, place strict requirements on organizations to to be prepared for and to respond to any type of incident. Given the changing legislative environment globally, this can be confusing for organizations.
2015 has oft been cited as the “Year of the Healthcare Data Breach,” and sure enough the data for the year has been supporting this. The average cost of a data breach is highest in healthcare than in any other industry, up now to $5.9 million per breach. With healthcare data breaches on the rise, being more targeted now than at any other time, and with the cost per breach rising, healthcare is being set a stiff challenge to protect sensitive data. Compounding this challenge is the fact that healthcare organizations face more “risky” scenarios than ever before.
Information security, data security, device security – related terms that describe securing critical components of enterprise IT, all required to protect the financial viability and reputation of your organization. If a device or data falls into the wrong hands, the consequences can be catastrophic – lost sales revenue, executive job losses, and in some cases, financial bankruptcy.