Are Other Companies’ Data Breaches Hurting Your Business?
Breach fatigue is undeniable at this point; data compromises are a daily occurrence, and so-called “mega breaches” aren’t met with the shock and awe that they once were.
But just because data breaches have become old hat doesn’t mean that people aren’t recognizing the risks and reacting to them. In fact, the results of a survey recently released by the National Telecommunications and Information Administration (NTIA) indicate that consumers have been taking notice — and are changing their online habits as a result.
Security Concerns Are Leading to Activity Restrictions
In July 2015, the NTIA asked the U.S. Census Bureau to conduct a survey about online privacy and security concerns. Several cyber security questions were posed to more than 41,000 American households, each of which included at least one Internet user.
The analysis of the survey’s data shows that concerns are up and certain Internet activities — including those that drive business — are down as a result. Here are a few of the key findings:
- 19% of the Internet-active households — which, when extrapolated, represents almost 19 million households — said they had been affected by a breach in the 12 months preceding the survey.
- Higher degrees of connectivity seem to correlate to greater online risk. Only 9% of households that used one web-enabled device reported breaches; in contrast, 31% of households that connected via five or more devices suffered breaches.
- Mobility appears to double the risk of a breach. While 22% of users who connected via a mobile data plan reported an online breach, only 11% of home-based Internet users had their data compromised.
- When asked if they had one, some, or no concerns about online privacy and security risks, 84% of households named at least one concern, and 40% named two or more. The major concerns identified by users included the following:
- Identity theft (63%)
- Credit card or banking fraud (45%)
- Data collection by online services (23%)
- Loss of control over personal data (22%)
- According to the survey, the perceived privacy and cyber security risks have led Internet-connected household to cut back on the several online activities, including those noted below. Two percentages are noted for each behavior; the first is the response rate for all households while the second (markedly higher) number is the response rate for those households that reported a breach.
- Conducting financial transactions (29%, 40%)
- Buying goods or services (26%, 35%)
- Posting on social networks (26%, 35%)
What sets Wombat apart from the rest? Our customers' results speak for themselves.
Become a Cyber Security Champion
The NTIA survey seems to highlight the dangers of equating breach fatigue with consumer indifference. Though the “it’s not if but when” mindset is reasonable from a security preparation and response perspective, you simply cannot assume that your customers share that mentality.
“Security awareness training has become a business-critical activity, and it’s more important than ever to have employees become advocates of cyber security. It can’t just be an IT issue,” said Joe Ferrara, President and CEO of Wombat Security Technologies.
“One of the great benefits of cyber security education is that the knowledge is portable. At the end of the day, employees are also consumers. So as more and more organizations work to educate their employees about the dangers of poor cyber hygiene, we will begin to see more and more consumers who are better equipped to identify cyber threats,” Ferrara said. “Highlighting the importance of privacy and data protections in the office has a significant positive impact to employees’ personal lives — but it also has a halo effect for the office as well.”
To reduce risks associated with end-user behaviors, Ferrara advises you be choosy about the security awareness and training activities that are delivered to your end users. He also emphasizes the importance of building a culture of security from the top down.
“Cyber security is everyone’s business, and that should be stressed at all organizational levels,” said Ferrara. “There is a direct correlation between organizations who encourage and promote cyber security education and best-in-class performance. Through security awareness and training, we can upgrade performance on the consumer side as well.”
Subscribe to the Proofpoint Blog