They say people learn from their mistakes, but do we when it comes to data security? Too often sensitive information is repeatedly left unsecured and is easy prey for hackers. We hear about it every day: stores, banks, websites have all fallen victim to data breaches, and it’s the American public who really suffers. With the large number of data breaches, you’d think people would be hyper-vigilant and take proactive steps at home and professionally. Unfortunately, Americans are becoming numb to cyber attacks because they happen so often.
With the increase in hacks comes sophistication: the threats are evolving and becoming more advanced. Your personal and business information is at risk, so it’s imperative to defend yourself as best you can rather than needlessly suffer the costly consequences.
According to CNNMoney,
“Hackers have exposed the personal information of 110 million Americans — roughly half of the nation’s adults — in the last 12 months alone.”
That’s 47% of adults in the United States. Still think your data isn’t at risk? Your personal information can be compromised, and your business’ data isn’t safe either if left to fend for itself. Are you willing to risk your customers’ data and suffer the crippling effects of downtime for recovery, or of losing all your data for good? Are you prepared to take quick action in the event a breach occurs? Businesses need to take a proactive approach to safeguarding their clients’ information, to ensure that they have a plan in place for damage control, and to reduce the damaging ripple effect.
One of the largest problems is passwords. Some hackers are sophisticated enough to get through in seconds, so having strong passwords is key in defending your data. That goes for your personal accounts and for businesses. If you’ve seen the list of the Top Passwords in 2014, you know how easy some of them can be to hack.
If you aren’t familiar with the list, here are the Top 5 passwords as collected by the security firm SplashData (which analyzed 3.3 million leaked passwords from 2014).
The Top 5 Passwords
It’s best to use a combination of numbers, letters and special characters. Stay away from words that would be easily guessed, like names of family members and pets. Don’t use birthdays or anniversaries. With so much of life lived on the internet, too much of this information is easily found.
But we all know it doesn’t end with changing your password.
PCI Security Standards Council general manager Stephen Orfei has declared 2015 to be “a defining year for cybersecurity protection.”
Problems arise from a failure to maintain key security controls and a lack of vigilance. Simply put, most data security breaches involving credit card data are not sophisticated attacks at all, nor are they new tactics. Far too many of the recent major breaches we have seen in the United States were entirely preventable.
Many companies need to change the way they view security issues. Passing a PCI Standards assessment is a first step, but properly following security standards 24/7 is required to prevent data breaches. Not all companies do that, thinking instead that once they check the box of passing a data security assessment their work is over. This kind of thinking is a major problem. Data security cannot just be a “box you check” once or twice a year. It has to be an all-day, everyday priority.
It is important for American businesses to prioritize strong security principles by maintaining a multi-layer security approach that involves people, process and technology working together to protect consumers.
It’s time for a change in the mindset about data security.
The folks at SLPowers couldn’t agree more.
The President of the United States is on board, too.
“With the Sony attacks that took place, with the Twitter account that was hacked by Islamist, jihadist sympathizers yesterday, it just goes to show how much more work we need to do, both the private and public sector, to strengthen our cyber security,” Obama said earlier this month.
At his State of the Union Address, Obama said: “And tonight, I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft, and protect our children’s information. If we don’t act, we’ll leave our nation and our economy vulnerable.” Obama’s proposals include incentives for voluntary information sharing, tougher penalties for cybercrime, and consumer privacy protections.
As pointed out by the PCI Security Standards Council in an article on TheHill.com, “Companies that fail to make data protection an everyday priority run the risk of losing money, losing business and destroying their reputations.”
SLPowers knows that information security is not a one-size-fits-all offering, and there is no such thing as “set it and forget it.” We know even the best technology isn’t good enough if it’s not being monitored in real time. And we know the importance of third-party verification. We can show you exactly what we’ve learned about locking down your network, staying in compliance, maintaining best practices, training your employees, and shutting down threats.