Experian Study Finds Most Companies Unprepared for Data Security Breach Incident
Hikvision Blogs Offer Tips to Prevent Malware, Identify Spear Phishing
Experian’s 2019 data security breach study found that only 36 percent of companies are prepared to respond to a security breach incident, according to an article in Security magazine.
“Is Your Company Ready for a Big Data Breach?” is Experian's sixth annual study. Conducted by research firm the Ponemon Institute, it surveyed professionals in IT/ IT security as well as compliance and privacy who are involved in their organization’s data breach response plans, according to Experian’s website.
"We'd like to see 100 percent of companies prepared and trained to handle any kind of data breach whether it's malware infiltration or ransomware. Prevention is the key, but if an incident occurs, swift management afterward will greatly minimize the damage. Organizations should implement a strong security posture staying up to date with the latest attack threats, engage in pre-breach agreements with security partners, and hold a practice drill every year with a dedicated response team," said Michael Bruemmer, vice president of data breach resolution at Experian, in the article.
The study outlined areas in need of cybersecurity improvement:
- Engaging C-Level Executives: 81 percent of respondents said that an increase in C-level/senior executive participation would improve effectiveness of their response plan.
- Increased Employee Training: According to Experian’s research, only 47 percent of companies have training that enables employees to identify spear phishing attacks.
- Attentiveness to Response Plan: 42 percent said their company does not have a timeline in place for reviewing and updating its data security breach response plan. “Less than half (46 percent) have procedures for responding to a data breach involving overseas locations,” said the article.
The article added that “Executives still feel challenged and concerned about being fully prepared for a data breach. Only 52 percent rated their plans as very effective, just a slight increase over 2017 (49 percent). When it comes to responding to a data breach involving business confidential information and intellectual property, only 36 percent feel prepared to respond. More than half (59 percent) aren't confident that they could handle ransomware.”
Click this link to read the full article.
Hikvision Tips to Prevent Malware, Identify Spear Phishing
In a recent blog, “SecurityInfoWatch.com Provides Five Tips to Prevent Ransomware,” Hikvision outlined tips to prevent ransomware–a type of malware–such as updating anti-virus software and training employees to identify phishing attempts (and avoid unknown attachments and links in emails). The article links to another blog that covers Hikvision cybersecurity director Chuck Davis’ top five tips to prevent malware.
In that piece, Davis stated that malware is one of the most often used components in cyberattacks. “Two of the most prevalent attack methods are, network scanning and phishing. A typical network scanning attack occurs when a system scans a network (frequently the Internet) looking for vulnerable systems. When it finds one, it will exploit the vulnerability and infect the system with malware. Often, the infected system will begin scanning and infecting systems as well.”
Spear phishing, referenced in the Experian survey results above, is a particular kind of phishing attack using emails that typically have information about the victim in the email that makes the email seem credible. Hikvision published a two-part series on ways to identify spear phishing. Here are the article links: