The global economic survey report 2016, ranked cyber crime as the second most reported economic crime during the year. But some questions remain to about how under reported cyber crime is particularly hacking. In some instances companies do not seem to even know they were hacked until well after the fact, and in other cases great effort is expended to keep such secret.
A considerable number of organizational respondents to the survey, approximately 32%, reported being affected by cyber crime. Nearly 34% felt that they would be affected within the next 2 years. While 61% of the top executives feared cyber attacks, only 37% of organizations claimed to have a cyber incident response plan in place. Obviously, this represents a significant disconnect between the level of fear and the level of preparedness in the industry.
Perhaps the problem with the level of preparedness is that many continue to think that a cyber attack will not happen to them. Such a view is hard to understand given that some of the biggest organizations in the world have been victimized by cyber crimes in the recent years. For example,
• Internet giant Google’s corporate server, were hacked in China for the procurement of intellectual property in 2009.
• In 2014, fraudster hacked into company server of Home Depot, one of well-known home improvement retailer in usa.
• Two major data breach revelation were made by yahoo, according to report over a billion Yahoos user’s data was compromised.
• In 2015, millions of customer’s data was stolen from health care companies for medication and medical information.
• Identity thieves stole over 700,000 social security members from US internal revenue service.
• Wikileaks,known for publishing secret information ,had exposed a series of emails taken from server of Democratic National Committee that contained financial data on high profile donors to Hillary Clinton’s campaign
• A cyber attack called a ‘distributed denial of service’, shut down popular sites like Paypal, Twitter, Netflix.
Any plans to expand a business’s visibility, such as with respect to having or increasing a mobile presence, should involve reliance on robust platforms, strong architectural guidelines and trustworthy developers. Data security is equally imperative for apps, employees holding critical access should be at least educated on social engineering threats and the appropriate use of social media. Indeed, it is now no longer important to just educate employees on what may be patentable, what should be kept as a trade secret and how, but also on how hackers operate and engage in a variety of tactics, including tried and true low-tech strategies such as social engineer.