Estimated reading time: 1 minute, 55 seconds

Preventing a Breach Begins at the Top: Survey Featured

Organizations that have stayed safe from cyber attacks in recent years have tended to do so with buy-in from senior management and the board.

light bulbs 1875384 640smallThat’s according to a new study by privacy think tank Ponemon Institute and risk management vendor Opus. So reports Compliance Week. Ponemon and Opus surveyed 1,000 U.S. and U.K. information-technology pros with direct involvement in overseeing cyber risk. Of those, 32% had never experienced a data breach. Another 36% said their organizations had not suffered a data breach in the past 12 months.

These “high-performing” organizations had stronger governance regimes for overseeing outsourced work, the study finds. That’s in comparison to the 59% of organizations that had experienced a breach at some point, including 42% in the last 12 months. Such governance practices included regular engagement with top executives and the board members. High-performers were also more likely to say they were allocated enough resources for managing outsourced relationships.

Another attribute of high-performing organizations was their approach to the security and privacy practices of third parties. These organizations didn’t just have contracts in place to guarantee that third parties use the proper security and privacy practices. They also were more likely to perform audits and evaluations of how well vendors were actually implementing these practices.

The Ponemon and Opal study focused on preventing data breaches. Once a breach has occurred, having the best practices in place can help reduce the damage, as Security Boulevard reports.

Organizations should concentrate on cutting down “dwell time,” the amount of time between the breach’s occurrence and it being discovered, said Pravin Kothari, CEO of CipherCloud, a software developer. Experts also recommend having a plan in place and conducting “fire drills” periodically to ensure the plan works.

The costs of a breach can be severe—and go beyond the value of the data exposed. Software developer Ping Identity recently surveyed 3,000 U.S., U.K., French, and German consumers. More than three-fourths said they would stop interacting online with a brand that has suffered a breach. Almost half said they would not sign up with an online brand with a recent breach.

Repairing that reputational damage can be expensive. Take the healthcare sector alone. Hospitals raised their annual advertising budgets by 64% in the two years after a breach, the American Journal of Managed Care found in a recent study.

Read 3838 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.