2014: A Challenging Year for Cyber Security

calendar

2014 was undoubtedly a challenging one for cyber security. Looking back 12 months, its interesting to see that there was actually a lot of optimism regarding security efforts heading into the year. In last year’s Global State of Information Security Survey cited in this CIO.com article, 84 percent of CEOs and 82 percent of CIOs stated that they believed that their cybersecurity programs were currently effective. Even 78 percent of CISOs expressed confidence in their programs.

Then 2014 happened.

  • 503 million records were breached between Adobe, eBay, JP Morgan Chase, Target, Home Depot and Community Health Services
  • The breaches were spread among many different industries including software, online marketplace, banking and financial services, retail and healthcare.
  • Several major security flaws were discovered – Heartbleed, Shellshock, and POODLE.
  • The total number of detected network encroachments rose 50 percent to 42.8 million this year.
  • Large companies experienced a rise of 53 percent in breach related costs. Midsized organizations experienced a 25 percent increase in incident costs.

The silver lining of having a year full of headline making incidents is that information security became a bigger part of the public and executive consciousness. Consumers started understanding the need for security and are demanding it more from the companies they do business with. More executives realize that they don’t want to be the next company covered in the news for a breach and are funding more security efforts. Kenneth Swick, information security officer at Citi Group said in the CIO.com article that,“ Especially when executives see the fallout at the executive level, I am seeing higher budget allocations, and from the additional recruitment activity across industries I am absolutely certain that financial sectors are responding to all of this breach news.”

Can 2015 be a bounce back year for cybersecurity? There’s no question it can if organizations focus on building fundamentally strong security programs. Get the basics down first and address known security vulnerabilities such as unsecure email, which is particularly vulnerable to unintentional employee mistakes. With the cloud-based Cirius Secure Messaging platform, you can be deployed in minutes with live users. A quick win in secure messaging can help build momentum for your overall security program, so sign up for a trial of Cirius Messaging to get off to a fast start in 2015.

Image: Rhombic Dodecareuleaux Calendar 2013 Philip Chapman-Bell 1.1.13

LinkedIn