According to digital security provider Gemalto, despite the increasing number of data breaches and nearly 1.4 billion data records being lost or stolen in 2016, the vast majority of IT professionals still believe perimeter security is effective at keeping unauthorized users out of their networks. However, companies are underinvesting in technology that adequately protects their business, according to the findings of the fourth annual Data Security Confidence Index Survey.
The research found many businesses are continuing to prioritize perimeter security without realizing it is largely ineffective against sophisticated cyberattacks. According to the research findings, 76% said their organization had increased investment in perimeter security technologies such as firewalls, Intrusion Detection and Prevention Systems, antivirus, content filtering and anomaly detection to protect against external attackers. Despite this investment, two thirds (68 percent) believe that unauthorized users could access their network, rendering their perimeter security ineffective. These findings suggest a lack of confidence in the solutions used, especially when over a quarter (28 percent) of organizations have suffered perimeter security breaches in the past 12 months. The reality of the situation worsens when considering that, on average, only 8 percent of data breached was encrypted.
Businesses' confidence is further undermined by over half of respondents (55 percent) not knowing where their sensitive data is stored. In addition, over a third of businesses do not encrypt valuable information such as payment (32 percent) or customer (35 percent) data. This means that, should the data be stolen, a hacker would have full access to this information, and the hacker can use it for crimes including identify theft, financial fraud or ransomware.
"It is clear that there is a divide between organizations' perceptions of the effectiveness of perimeter security and the reality," said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto. "By believing that their data is already secure, businesses are failing to prioritize the measures necessary to protect their data. Businesses need to be aware that hackers are after a company's most valuable asset - data. It's important to focus on protecting this resource, otherwise reality will inevitably bite those that fail to do so."
As reported by Fraud.org, a recent example of one of many businesses effected by a data breach occurred at The Buckle Inc. on June 16. The Buckle Inc., a clothing retailer that operates over 450 stores in the US released a statement announcing that malware was found installed on its point-of-sale systems inside Buckle stores. The malware was found to be able to copy data stored on the card's magnetic stripe when swiped through the machine rather than inserted through the chip reader. Possible compromised information include the cardholder's name, the card number and expiration date.
Data protection and security are critical elements in protecting your organization's reputation, finances and customer loyalty. To discuss further, contact your local UHY Advisors professional.