As we reflect on the passing year, it’s clear that 2016 was a tipping point in terms of public awareness of data security issues. It was the year that John Q. Public suddenly became aware of encryption issues, with Apple’s battle with the FBI after the San Bernardino terrorist attack.
It was also the year people pondered how foreign governments could perhaps hack into our election system. The year also showed that the government’s biggest security breach — which resulted in the arrest of an NSA contractor — wasn’t necessarily malicious. It hammered home the idea that some data breaches occur simply because employees don’t take their responsibilities seriously enough.
Though there is an increasing awareness of what kinds of threats we are all vulnerable to, there’s a knowledge gap in how to keep yourself and your business secure — despite our best efforts towards cybersecurity education.
So as you imagine what improvements you can make to your life and your business in 2017, consider adding boosting your cybersecurity to your list of resolutions.
To identify the cybersecurity risks that are top of mind across organizations, we surveyed 250 business professionals in the United States on their biggest cybersecurity concerns, in addition to taking a look at their personal web-browsing behavior and corporate browsing policies.
Companies miss basic steps that would prevent data breaches
The results show that people are certainly aware of threats. Of the top four web-based threats that concerned the respondents, identify theft, stolen credit card data, and phishing or password theft rounded out three of the answers.
In light of the recent DNC hack, among others, it came as no surprise that foreign hackers were ranked as the top threat to U.S. businesses, with 44 percent saying it was their biggest cybersecurity concern. With this in mind, it came as no shock that the industries identified as the most at risk were government and finance, both with approximately 30 percent of the vote.
Business professionals, it seems, are all too aware of the IT security risks they face on a daily basis. But it’s one thing to be aware of the threats — it’s another thing entirely to proactively address security gaps.
Survey respondents reported that their businesses were not taking basic steps toward preventing breaches. For instance, the results showed that only 21 percent of organizations have browsing policies that block most or all personal web activity.
If a company were to allow, for example, employees to visit or download a file-sharing program, it could leave all of the company’s information vulnerable to attack. In line with these results, 38 percent of the business people surveyed reported they don’t use a separate browser for work versus personal web access.
With the explosion of BYOD and the like, you would expect measures to be put in place, yet 43 percent of the survey’s respondents said their business does not have a specific policy in place. This oversight leaves employees free to put as much company information on their device without the proper security measures to prevent a breach.
Make cybersecurity a habit in 2017
You may think passwords are sufficient to prevent damaging attacks, yet nearly 30 percent of respondents said they use at least one personal password for a work account. If their password were to be hacked and sold on the dark web, then malicious actors could attempt to use that password to infiltrate various other accounts.
Together, let's make cybersecurity the success story of 2017.
Every year we see huge data breaches impacting all kinds of companies — big box stores, dating websites, financial institutions, file-sharing services, social media, and so on. In fact, more than 30 percent of our respondents said their data had been lost or stolen in a breach in 2016.
Cybersecurity threats aren’t going away — in fact, they’re only increasing. So, in addition to any New Year’s resolutions you may have to work out more, eat fewer sweets and so on, consider your company’s security measures and resolve to cut the fat on bad cybersecurity policies and practices.
About the author: Drew Paik is the Marketing Director at Authentic8, responsible for customer acquisition and onboarding.