News
Companies Can't Ignore Costumers' Security
On Monday, the Chairman, President and CEO of Target Gregg Steinhafel agreed to resign following the high-profile security breach in January that affected 110 million customers and and an estimated $1 billion in costs. Steinhafel is the latest Target executive to resign, following in the footsteps of Chief Information Officer Beth Jacob, who left the company in March. And while heads have certainly rolled following the Target debacle, it seems there's still a disconnect between customers and companies when it comes to information security and keeping people's information safe.
Since 2014 alone, there have been a series of major security breaches that have affected companies across a variety of industries. Target, Yahoo, Snapchat, SigmaCare, and even the federal government have been victims of cyber attacks that have resulted in the compromising of personal information and data loss. But beyond losing information, companies also lose considerable customer loyalty and trust when they prove incapable of holding onto or securing their shoppers' credit card numbers, phone numbers, and other personal details.
Target, for example, saw their earnings plunge by an astounding 46 percent after news of their cybersecurity breach hit the airwaves, and the company was forced to provide a free year of credit monitoring as well as a 10 percent discount in order to appease angry customers. But even so, Target has yet to rebound from the massive security hack, and analysts are forecasting a 12 percent drop in first quarter earnings.
Much of company and customer vulnerability to these sorts of attacks is a result of a growing dependence on "hackable" platforms, including credit cards, smartphones, eCommerce, and cloud services like Dropbox and Box. Though these technological advances have certainly made our lives easier, there remains an incomplete understanding of how they work, which results in a lack of preparedness to respond to attacks. For example, how many of us can really explain exactly how our information is stored on the cloud, or how to protect your phone from getting hacked, or even how the Internet really works? Sure, we can work our devices, but the mechanics behind them often remain shrouded in mystery.
But as we depend increasingly on these virtual platforms and innovative technology, it would appear that we're also leaving ourselves more open to cyber attacks. Between 2006 and 2011, data breach costs for American companies more than doubled from $62 billion to $132 billion per year. Coincidentally, over the same time period, a nearly identical trend can be seen in the number of credit cards issued, smart phones in use, growth in eCommerce, and use of cloud computing services.
The United States is the only country that suffers from constant growth of credit card fraud, accounting for 47 percent of credit card fraud in the world in 2012. In fact, a 2012 by the Aite Group and ACI Worldwide discovered that 42 percent of Americans "had experienced some form of payment-card fraud in the preceding five years."
As of 2012, half the cell phones in use in the United States are smartphones with Internet capabilities, and eCommerce has grown exponentially to become a nearly $200 billion industry. And as we continue to rely on these devices and services, it seems that we are also inviting bigger and more dangerous attacks.
Heartbleed, the bug which caused millions worldwide to change their passwords and prompted panic amongst various companies, is only the latest cyberattack to make headlines, and we're hearing of these attacks more and more frequently. Though Heartbleed was originally reported on April 1, it took over two weeks for the first arrest to be made in connection to the bug.
But despite an obvious need for increased vigilance in protecting customer data and information, company executives who are meant to oversee their company's security issues appear to becoming less and less concerned with cybersecurity. According to a Gartner Inc. survey of more than 2,300 Chief Information Officers, who are, ostensibly, the individuals most concerned with company security, cybersecurity ranks number eight on their list of top ten priorities. Ten years ago, it ranked number one.
This represents a serious problem in terms of company and consumer communication about cybersecurity issues. Whereas both parties are losing as a result of cybersecurity breaches, it's very concerning that large corporations seem less worried now than they were a decade ago. If cybersecurity attacks continue to happen and security continues to be under-prioritized, consumer information will remain unsafe and vulnerable to attack.
