Companies letting their guard down at just the right time for just the wrong reason
Many people like to take time off from the office around New Year’s, but the holidays are simply not the time for companies to let their guards down. A security breach can devastate a business and easily cost much more than a few dozen sales.
While people are out shopping the end-of-year sales, taking vacations and celebrating, hackers are taking advantage of corporate downtime. The susceptibility stems from companies being lax in changing website and mobile app codes. That’s because companies may fear that their systems would break during peak traffic with many programmers on vacation, said John Kindervag of Forrester Research.
Hackers caught onto this yearly security gap long ago. By allowing themselves to go less protected, many companies have created the optimal climate for cyber criminals to enjoy a peak season of their own.
As 2013 drew to a close, criminals targeted a wide-range of companies across the U.S. The personal data and confidential information of their customers leaves millions of Americans vulnerable to identity theft and crimes. Such breaches cost these businesses many millions of dollars last year in legal settlements. Companies spent 5.1 percent of their information-technology budgets on security in 2013, up from 4.7 percent the previous year, according to research conducted by Gartner.
The highly publicized Target data-security breach last December affected more than 40million credit and debit card customers during the busiest time of year. The fallout of the incident includes the loss of many loyal customers and damaged consumer confidence.
The best defense is a good offense
Industry insiders recommend companies increase their defenses during the busiest season and be on high alert during the holidays. Businesses of all sizes can protect themselves and their customers from cyber crime by
- staggering IT department vacation days for uninterrupted technical support coverage
- stepping up data-security efforts during busy periods
- ensuring security measures remain consistent
- promoting cyber-risk awareness
- educating staff on risks and ways to help prevent them.
Of course cyber hacking is a 365-day operation. To outmatch cyber-criminals 24/7, a stringent year-long approach to security should be in place.
Please visit Cyber Risk Insurance for more information on preventing hacking or Cyber Risk insurance.
Source: Sarah Frier and Peter Burrows, “Companies More Vulnerable,” insurancejournal.com, 03 Jan. 2014.