What do Home Depot and Ashley Madison have in common? At first glance there seems to be very little that links the American retailer of home improvement products with the Canada-based portal to infidelities.
The answer is that the principle "indiscretion is a matter of honor" applies for both. Data thieves stole 56 million credit card details from the do-it-yourself chain last year. More recently, the site for cheaters was hacked by cybercriminals, leaving 32 million customers trembling in fear of blackmailers.
For both businesses it was a crushing blow. Home Depot estimated the cost of correcting the problem at 62 million US dollars. And that doesn’t even include the fallout from the massive loss of confidence.
Ashley Madison and Home Depot represent a worrying global trend. Cybercrime can do far more than damage profits. It can threaten a company's very existence. Yet most companies only seem to be dimly aware of the terrible threat posed by data breaches.
The report "2015 Cost of Data Breach Study: Global Analysis" issued by the Ponemon Institute confirms that cyberattacks have increased in frequency and that the cost to remediate the consequences has also gone up. But the report also outlines how the greatest cost now comes from lost business. This has increased to a total average of more than one and a half million US dollars in 2015.
In stark contrast are the numbers outlined by Zurich Insurance Group in a survey conducted with small-and medium-sized enterprises in Germany. Digital attacks were considered to be dangerous by just nine percent of the respondents. "The risk awareness regarding the impact of cyberattacks is weak in general", explains Ralph Brand, CEO of Zurich Group Germany. And this carelessness can be disastrous. Traditional electronics or fidelity insurance covers the damage from cyberattacks or IT-specific risks only in small part. The insurance industry sector therefore promotes cyber policies as the fire insurance of the 21st century.
Given the broad impact of cybercrime, we might ask ourselves whether cyber insurance is the ultimate strategy to counter cyberattacks. The topic of IT security is one for the executive suite. Any criminal attack could have an impact on a company’s image and that can adversely affect the business. Just as fire insurance can’t prevent a fire, cyber insurance can’t ward off IT hackers. Nevertheless, the proper coverage can at least alleviate financial consequences.
Some costs can be insured. Expenses for external experts, the restoration of data and the cost of consulting and communication in the event of a data breach can all be covered. But many enterprises underestimate the cost of damage to their reputation. Enterprises need protection against the loss of customer loyalty and this risk is still not being given anywhere near the necessary attention.
To protect companies and organizations against the increasing threat from cybercrime, secure network infrastructure, which can provide scalable connectivity between data center facilities and dispersed company locations, has evolved to be at the heart of every communication network. Securing data in motion by encryption at the connectivity network layer ensures superior network performance, simplifies network operations and reduces the overall cost of data protection. Encrypting data at the lowest network layer also protects it at all higher layers in the network stack, as everything must flow through the connectivity layer before going anywhere else.
Encrypting data in motion is a preventive measure. It’s one of the most important tools in the overall security toolkit for making a company less vulnerable to cyberattacks and, therefore, one of the best ways to reduce the risk of reputation damage and lost customer loyalty.