Simply Security - News, Views, and Opinions from Trend Micro

Posted on November 14th, 2012 in Reports by Simply Security | Be the first to comment | Tags: Reports

U.S. firms are experiencing a disproportionately high ratio of data security incidents.

A recent StorefrontBacktalk article spoke to the disproportionately high rates of data breaches that occur in the United States and offered some possible explanations for this disturbing phenomenon.

Columnists Frank Hayes and Evan Schuman cited statistics gathered in a recent interview with Visa payment system security director Jennifer Fischer. Her research team discovered that, in 2011, 67 percent of all global data breaches could be traced back to U.S.-based businesses. This figure is a striking reversal from 2009, when American firms accounted for only 38 percent of data breaches. However, traces of the trend could be seen in 2010 when 61 percent of such incidents occurred in the U.S.

Hayes and Schulman noted that this transformation may have been triggered by the lack of differentiation between corporate data security measures. The ubiquity of certain systems – particularly among franchised businesses – creates an opportunity for successful exploits to be replicated many times over. During a period of economic uncertainty, store managers may forego necessary improvements to their cybersecurity stances.  Yet as these investments are postponed, more security gaps are created for attackers to exploit.

The columnists also noted the starring role being played by organized gangs of cybercriminals. From the breach of home goods retailer Michaels in 2011 to the more recent incidents affecting Barnes and Noble, franchises of all size are seeing their data protection loopholes exploited by opportunistic hackers. 

But whereas technical resources may be limited, human resources could be a much more scalable asset.

In a recent survey of 1,015 U.S.-based small and medium sized businesses, researchers from the National Cyber Security Alliance and Symantec found that more than half of responding firms are prioritizing the possession of strong cybersecurity fundamentals when it comes to assessing the viability of job candidates.

“According to Symantec’s research, SMBs have become a key target for cybercriminals and that trend is bound to continue," Michael Kaiser, executive director of the National Cyber Security Alliance said. "Small business owners and employees must do a better job not only becoming better educated on cybersecurity, but also better at implementing technologies to protect themselves and the information that fuels their businesses.”

Responding recruiters suggested that the safe and ethical use of email and social networks were the top digital literacy skills they were looking for in a new hire. However, a working knowledge of how to identify and protecting sensitive assets such as corporate intellectual property, followed closely behind on the list of attractive employee attributes.