Are You Doing Enough to Mitigate Data-Breach Risks?
By Fallon Consultants
On December 8th, 2014
As enterprise data breaches become an almost everyday occurrence, data protection has become a top-of-mind concern for business owners and executives. But are company leaders doing as much as they should to protect their critical business data?
Is your business vulnerable?
Most companies recognize they need an effective data protection strategy. But fewer businesses are prepared to protect their data from breaches and other cyber threats. In a survey of executives at U.S. companies, IT security firm NTT Com Security reports that only one-third of businesses believe their systems are absolutely protected from cyber threats that pose a risk to their data. The majority is right to be wary; according to the ITRC Breach Report, 32% of U.S. data breaches in 2014 have occurred in the business sector. And in 2013 alone, the FBI informed 3,000 companies that they had been victims of cybersecurity breaches that year.
Companies are finding they lack the in-house expertise to create and implement sophisticated data-protection schemes that can mitigate the risk of data breaches. A common solution to this problem is to seek the help of data security experts. Gartner reports that increasingly more companies are planning to do just that: Enlist the help of firms like Fallon Consultants that specialize in data protection, security risk management, and security infrastructure.
In addition to getting outside help from an expert, companies can take certain actions to make their data less vulnerable:
- Cover all your bases. According to PwC’s The Global State of Information Security Survey 2015, organizations should employ a four-pronged security strategy that includes preventing, protecting, detecting, and responding to breaches.
- Determine which data must be retained. Limit the amount of sensitive data, such as personally identifiable information, that your company collects. Set up retention policies that specify how long certain data should be stored before it is deleted.
- Classify data according to its sensitivity. Categorize your data according to the degree of risk associated with its loss in the event of a data breach.
- Coordinate security measures. Your company’s computer and network security must be supported by additional measures, such as physical security, asset protection, and training and enforcement of security policies for personnel.
- Consolidate data retention. Limit the number of places where company data is stored.
- Know your vendors. Investigate your vendors’ security practices to make sure they aren’t increasing your company’s risks.
Data breaches have become an unfortunately common concern for businesses. By taking data breach risks seriously, and perhaps even getting expert data protection help, your business will be better prepared to head off such attacks. For more information about data-protection strategies for your business, contact Fallon Consultants at 845-624-3504.