Last year saw some of the highest profile data breaches with hundreds of millions of people impacted and their data compromised. These hacks are no longer down to just bored teenagers, criminals or those with a grudge. Even individual states are now being identified as being responsible for a number of the attacks.
Some of the biggest data breaches in 2014 in terms of the number of people impacted included:
- Ebay – Encrypted passwords, emails, mailing addresses, phone numbers and dates of birth of around 145 million people were accessed.
- Target – Credit, debit cards and personal details of around 110 million people were compromised.
- Sony – It is unknown exactly how many people have been affected to date, but the data accessed was of even greater scope. Including wage details, social security numbers and other personnel details along with yet to be released footage and company information.
Whilst the headlines often lead with shocking data breaches at big brands such as Sony, Ebay and Target it is not just the private sector that is caught wanting.
A survey that has been conducted by BT showed that over 75% of decision makers in the public sector believe that their chief executive does not have a serious enough approach to security.
These results suggest that the public sector is not sufficiently protecting itself from threats, including lost and stolen devices and malware infections.
Worryingly, online, 18% of people believed that their organisation would be adequately protected from mobile security breaches, and the majority of people said that their company does not provide IT security training for all employees.
Could this explain why so many employees, a huge 79%, say that they don’t take IT security seriously enough? Perhaps they don’t understand the dangers or to what extent they can affect the business.
Mark Hughes, president of BT Security says it’s important that everyone within a company takes responsibility for its IT security because of the impacts breaches can have, including fines, reputational damage and lack of public trust.
He thinks that if “public leaders are passionate about making security practices work, then they will inevitably become an intrinsic part of people’s lives. Problems usually arise when people don’t understand the risks and the impact that neglecting security could cause for the organisation, as well as for them personally.”
Considering the political angle some the attacks are now taking the public sector certainly needs to consider investing more time and money in the protection of everyone’s data.
[Photo Credit: IntelFreePress ]