A big fear of business leaders and privacy professionals alike is the accidental breach of customer personally identifiable information (PII) either through the loss or destruction of company property, such as a laptop, by an employee.
However, the 2010 Verizon Data Breach Investigations report points to a different data privacy threat that is farther reaching than that of a laptop left on a plane. The report indicates that organized crime is responsible for 85% of all stolen data in 2009. Cyber-criminals were able to take advantage of login credentials on nearly 40% of the data stolen to potentially inflict credit or financial damages on individuals. However, the study points to 98% of the ensuing data breaches being avoidable through simple controls that were not in place. Read more about this report on CNET.
Does this study indicate that companies are not doing enough to protect their customer data? According to a 2009 Ponemon study, 70% of IT professionals in the healthcare field, for example, believe that senior management does not view privacy and data security as a top priority. The study also shows that over 60% of IT professionals surveyed believe they do not have enough resources to ensure data security requirements are met.
All too often security is not discussed until a data breach takes place. A breach may result in reduced customer trust, lost revenue and substantial costs associated with resolving the crisis. It may be time to start the internal conversation to ensure the right systems are in place to protect customer data…before it’s too late.