by Todd Cox, Chief Technology Officer and Lead IT Architect
To say that cyber crime is no small issue would be an understatement. According to the 2013 Norton Report, the cost of cyber crime hit Canadians to the tune of $3 billion in 2012 - which was double the year before. While that is only a small percentage of the $113 billion global number, it clearly highlights the pervasiveness of this issue. If you don’t think it will affect you, think again - the numbers show that 42% of adults experienced cyber crime last year alone.
By the end of 2013 it is expected that there will be 1.4 billion smart phones in use world wide. To put this in perspective, that is one smart phone for every five people! In a recent survey, 50% of smart phone users sleep within arm’s reach of their phone, showing that smart phones have truly become an extension of everyday life. What is particularly alarming is that 60% of Canadian users are not aware that security solutions even exist for their mobile devices.
It’s not just phones that pose hazards, social media sites have become a favourite for cyber crime, with almost half of users not signing out after using these sites. Not to mention passwords that are weak & easily guessed, rarely updated, and the same on multiple sites. This means if there is a breach on any site, like the one Adobe recently had (http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.html?promoid=KHQGF) many of an individual's accounts could be in danger – if the same password is used on multiple personal logins, what about on their business accounts? What happens when they are connected to the corporate network when they access these sites? The weakest link in any cyber security risk posture are the individual users.
What does this mean for business? For a start, it is important to understand that the impact and cost of cyber crime is not just a technology discussion, but truly a whole-business conversation:
-
What is our current risk & how exposed are we?
-
What policies and procedures do we need to put in place to deal with security, BYOD and business continuity?
-
How well does our current technology protect our corporate assets, maximize our organizational up-time and comply with industry regulations? How can we keep up with rapidly changing security risks with the budget we have?
-
Technology is a key component to prevent cybercrime but what happens when there is a breach? Whose liability is it? What provisions should we include in our contracts with service providers?
-
What about our residual risk – do we need insurance and how much?
Sources :
http://www.symantec.com/content/en/us/about/presskits/b-norton-report-2013.en_ca.pdf
http://www.businessinsider.com/15-billion-smartphones-in-the-world-22013-2
