Ronda Payne" />
By: Ronda PaynePublished On: January 10, 2020
Servers, clouds, networks and anything else connected to the Internet can be caught up in a bit of a Wild West scenario when it comes to hackers and data thieves. Due to the nature of today’s connectivity, data theft, account hacks and security system breaches happen at an alarming rate and the repercussions for criminals are minuscule in comparison.
This leaves control and security in the hands of organizations that collect and use data – which is important because these same entities are also held responsible if they don’t keep that data secure. When someone’s information is accessed by criminal activity, the individuals who had their personal data accessed don’t look to blame a local police force, they blame the organization that was unable to keep their information safe. It puts control and security squarely in the hands of an organization, thus, they need individuals with cybersecurity training.
According to a 2019 report by Juniper Research, the overall cost of data breaches is expected to climb to an astounding $5 trillion by 2024. Some of this expense will come from increasing fines as regulators look for ways to force organizations to protect data. It’s a double whammy for companies without adequate cybersecurity training. Not only are they hit with the loss of customer confidence and the resulting loss of business, but they are also hit with potential fines and fees to fix their systems after the breach. In the same way, a homeowner may install a security system after a break-in, many companies won’t send their staff for cybersecurity training or install adequate control measures until it’s too late.
No wonder cybersecurity courses are being offered more commonly and enrolment for them is climbing. Those who are in IT and IS roles may already have some cybersecurity training, but the smartest and most aware likely recognize the way to help their organization (or other organizations that understand the need) is to put a stop to some of the Wild West antics and become something of a hero. Advanced cybersecurity courses will allow these individuals to help design systems and controls that prevent attacks before they happen and create plans to mitigate the damage if something goes wrong.
Perhaps to some, establishing cybersecurity protocols may seem unnecessary. They may think their organization is an unlikely target or that the tools put in place a couple of years ago are strong enough to withstand an attack. This kind of complacent thinking may lead to a costly surprise.
Consider how the world has changed in the last 10 years alone. People deposit cheques through an app on their phone, order items from Amazon that arrive in 3 days or less, access the internet through the TV to watch the latest series. It’s a different world and it’s how people live.
Individuals prefer to shop using their phone while playing a game and then sending a transfer to a friend to cover last night’s dinner. This has become an expected level of convenience. Having gifts arrive in the mailbox is so much easier than braving a mall or driving around looking for the right gift. These options are also much cheaper for retailers and service providers. It’s highly unlikely that any of these services will stop being offered, so the need for providers to make systems secure is a standard expectation. Customers don’t want to and shouldn’t have to wonder what their bank, medical office or prefer shopping network is doing to protect their data.
Additionally, shopping, conducting errands and doing day-to-day business is easier for consumers with new electronic options. Think about sending money to a friend. It used to be necessary to write a cheque, find an envelope, find their address, get a stamp and put it in the mailbox. Or maybe it was a trip to the bank or a service provider that offered a wire transfer. Either way, these inconveniences have been replaced with the ease of PayPal, Xoom, Interac transfers and other ways. Again, because consumers have grown accustomed to the ease of these options, they won’t be going away and service providers have to step up constantly to ensure their security is the best it can be.
While consumers have grown accustomed to using online platforms and tools, they won’t tolerate security risks. If a breach occurs, they are unlikely to change their habits, but they may just change the organization they do business with. The “cloud-based” generation is only loyal to a point, and if an organization has put their personal information at risk, it can spell disaster.
As consumers and organizations get used to conducting various transactions and transfers in an online world, the value of hacking just one source increases exponentially representing a huge possible pay-off for the hacker or thief. When organizations become complacent about their systems, they become vulnerable because what was once secure soon won’t be. That secure system from five years ago already has issues and holes because hackers don’t keep trying the same methods, they continue to evolve and cybersecurity must evolve too.
When a hacker has had success with one organization using one style of attack, they are likely to try it on other organizations until it stops working. On the flip side, savvy organizations will learn about the latest hacking methods and will enhance their system to prevent the same or similar attacks. Therefore a clever hacker (and many of them are extremely clever) will continue to try various methods at various times in order to breach an organization’s security systems.
Don’t go thinking hackers are the lone persons in front of a computer in a darkened room. There is a lot of money to be had in cybercrime. These operations have access to financial resources that allow them to stay on top of all the trends and changes. They have tools, connectivity and access to complacent organizational systems. They don’t have much fear either as capture, persecution and jail are unlikely.
It’s a constant state of evolution for both the hacker and the organization that must keep data safe. Therefore, having team members who take cybersecurity courses is essential for every organization in order to get on top of and stay ahead of the potential breaches known now as well as identifying the unknown attacks of the future.