The world has moved almost entirely to a digital platform and the business world is no exception. Valuable information is being housed and transmitted via the internet and mobile devices with no guarantee that intellectual property and customer data is secure.
Every organization is a target–regardless of its size or security posture. According to a 2014 Dell report, 87% of respondent organizations have reported a security breach, 73% in the last twelve months. In addition, the average cost of a compromised record is $230 resulting in a significant financial risk for businesses of all sizes. Costs of response are also rising 15% per year, and smaller organizations incur significantly higher proportional costs than larger organizations. Studies have shown that 23% of recipients open phishing messages and 11% open the attachments.
Regardless of company size, the risk of a security breach can result in lost time and productivity. Business disruption costs equal 38% of the total recovery cost. A typical breach can take over nine months to be detected.
Recent large scale breaches have occurred not as the result of technology failure, but rather, via human failure. Currently, 80% of security spending is for perimeter security which is only effective for 30% of the risk. This would suggest that there is a strategic gap between security risks and security solutions.
At UHY, we view cyber security as a strategic issue, not a tactical issue. Our team of experts will guide you through the ever-changing challenges of cyber security with proactive advice and insight, and the objective of keeping your company’s digital property secure. Our service offerings are focused on ensuring that your cyber security program covers all three critical elements; People, Process, and Technology.
OUR SERVICE OFFERINGS
According to digital security provider Gemalto, despite the increasing number of data breaches and nearly 1.4 billion data records being lost or stolen in 2016, the vast majority of IT professionals still believe perimeter security is effective at keeping unauthorized users out of their networks. However, companies are underinvesting in technology that adequately protects their business, according to the findings of the fourth annual Data Security Confidence Index Survey.
According to a recent public service announcement, the FBI's Internet Crime Complaint Center ("IC3") states the business email compromise (BEC)/email account compromise (EAC) scam continues to grow. BEC is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The EAC is a component of BEC targeting individuals that execute wire transfer payments. The scam is carried out when a subject compromises legitimate business email accounts through social engineering (ex. phishing) or computer intrusion techniques to make unauthorized transfers of funds.
WannaCrypt is a serious ransomware attack that has caused major interruptions to individuals, businesses and governments around the world. However, what gives this ransomware teeth is that it took advantage of a vulnerability in Microsoft operating systems that has been public knowledge. Anyone who was using an operating system newer than Windows XP, could have simply patched their workstation and their only risk was to click on a link they shouldn't have. The problem is many people and organizations haven't patched their computers or are still running Windows XP.