When will Companies Take Data Security Seriously?

If it seems like data breaches at major organizations such as the recent one from Equifax are becoming more and more common, it isn’t just all in your head. A recent study from Gemalto found that there were 918 data breaches during the first half of 2017, which is up 164% from the previous six months.

74% of the breaches came from people outside of the company, including hackers who exploited weak security. This is a 23% increase. These external attacks, however, only accounted for about 13% of the total amount of compromised records. Malicious insider attacks make up just 8% of the reported breaches in this study. A concern, however, is that the insider attacks resulted in more than 20 million compromised records. This is an increase of 4114% from the previous six months!

Most of the attacks come from identity theft. This is 74% of all data breaches, and caused both by consumers not taking steps to protect themselves, and businesses not helping in this effort. Identity theft increased by 49% in the first half of 2017.

Despite the fact that these types of breaches have cost companies millions, and exposed consumers to billions in potential losses, it seems that businesses still aren’t doing enough to stop them. While all companies claim to take data security seriously, very few of them put any practical protections in place.

This lack of success in the battle against data breaches is costing the marketing industry dearly as well. When people hear about data breaches, they become more cautious when it comes to making purchases online, or providing data (including email addresses) to marketers. This makes the jobs of legitimate marketers more difficult, regardless of how seriously they take data security.

What's your opinion?