In recognition of June being National Safety Month, this month’s blog will focus on Cybersecurity. Years ago, discussions about cybersecurity were isolated to cramped Information Technology closets, but lately these discussions have entered the mainstream. Today it is a key issue not only in the boardroom of Fortune 500 companies, but also with investors and government officials around the world. To break down the numbers in this rapidly growing space, Forbes reported in 2015 that the global cybersecurity market had reached $75 billion and is on track to reach $170 billion by 2020. Not a day goes by when we don’t hear about another cybersecurity breach involving espionage, hacking, or other data leaks across all areas of business around the globe, with the main goal of causing disruption and angst in our lives. The economic effect? On average, it is estimated that a data breach cost companies $4 million in 2016, up 29% from 2013. More troubling is the average time to identify a breach was 201 days, and the average time to contain one was 70 days.
Unfortunately from an economic perspective, the challenge of cybersecurity and trying to prevent disruption creates a very complicated dichotomy. Businesses are constantly attempting to rein in costs, streamline processes, and improve the overall client experience. Companies can partly accomplish these goals by further leveraging technology. However, this new technology only increases their exposure to cyber criminals. Despite most firms today allocating substantial resources to prevent cybercrime, less than 2% of cybercriminals are ever prosecuted. When you combine the increased use of mobile devices and cloud based computing with the fact that a cyberattack is easy to initiate and inexpensive to execute, you begin to see why cybersecurity and protecting client data is at the top of any business agenda.
In order to fully understand the economic effects of dealing with cybersecurity and the increasing challenges that all companies, big and small, face, we need look no further than classical economic thought and the law of diminishing returns. The first recorded mention of this law dates back to the mid-1700s. Simply stated, it is the idea that increasing the number of new labor units into a situation will eventually cause the productivity of each additional employee to be less than the previous one.
© Copyright 2014 Auerbach Publications
If we apply this law to cybersecurity and the prevention of it, we see the parallel. Companies are constantly introducing new tools, technology, processes and employees to stay ahead of the attackers in hopes of locking down their systems and securing their data. However, as these resources are deployed, they lead to increased complexity and cause inefficiencies in the system, eventually negatively impacting the bottom line.
So what can be done? According to some, the only steps that companies as well as individuals can take is to speed up the response time in identifying threats and to swiftly counteract them. In addition, since it is virtually impossible to make any system completely safe, the focus needs to be on making any attack too risky and too costly for any hacker to make an attempt in the first place.
What can we as individuals do to prevent the negative economic effects and grief of being targeted? The easiest solution is to use advanced passwords and avoid suspicious communications on email or texts at all costs. For a more complete list, check out these 7 useful tips.
Here at Rocco & Associates, we take the threat of cybersecurity attacks and the protection of our client’s Personally Identifiable Information (PII) very seriously. Working with our partners, we deployed full disk encryption on all of our devices that have access to client data, two factor authentication for our cloud based systems, and a secure encrypted email portal to send and receive communications sensitive communications. By year end, we will be adding a section to our website that outlines these as well as all of the other steps we have taken and will continue to take to preserve the integrity of our client data.
As always, if you have any questions about our policies or procedures regarding cybersecurity, please do not hesitate to reach out to the office. Until next time, stay safe out there and keep the faith.