A new study by the Ponemon Institute quantifies “The Impact of Data Breaches on Reputation and Share Value” and a new Gallup Poll finds that cybercrime tops America’s crime concerns. IT security experts commented below.
Atiq Raza, CEO at Virsec Systems:
“Far too many businesses have been marketing a “don’t worry, be happy” message about cyber security, that flies in the face of reality. This is causing a serious erosion in trust, but may have some healthy results. Consumers need better information about structural problems in cyber security, and objective analysis along the lines of Consumer Reports, about how well companies are protecting their data. Customers should punish businesses that suffer breach meltdowns, but they need better information and alternatives to reward companies that are doing the right thing.”
Ray DeMeo, Co-Founder and Chief Operating Officer at Virsec Systems:
“It’s no surprise that two-thirds of Americans worry about hacking and identity theft, given that the Equifax breach alone exposed data for about half the country. Consumers need more objective and less sensationalized information about threats, including information on how to choose businesses that are taking security more seriously and staying out of the data breach news.”
Lisa Baergen, APR, MCC, Marketing Director at NuData Security:
“The Ponemon Institute findings and Gallup survey together reaffirm that consumers and shareholders are tangibly holding companies responsible for consumer personally identifiable information (PII), and for data leaks and breaches.
“Companies need to break past outdated notions. While internal departments debate responsibility, consumers and shareholders are holding the brand responsible – making it everyone’s problem. The tangible economic impacts of breaches will only grow. Moreover, hackers are no longer working away in a basement – cybercrime today is highly organized, well-funded, increasingly automated and extremely lucrative.
“The only way businesses can retain the trust of their customers and shareholders is by implementing a multi-layered authentication framework that incorporates new technologies that verify the person behind the device – based on user behaviors that can’t be mimicked. Advanced, continuous authentication that leverages consumer behavior identifiers strips the value from passwords, credentials, and SMS passwords that hackers seek. By using a behavioral layer, companies are able to spot an account takeover attempt in real-time even when the correct (yet stolen) credentials have been used.
“Every company with PII must advance its defense posture, and those who are ahead of the pack are most likely to survive and thrive, while those who move more slowly become the easiest prey – to hackers, and to investor and consumer sentiment.
“In today’s market, it’s survival of the fittest time.”