According to a recent publication from The Hill, nearly half of all data breaches in 2016 were at US companies. The research by Risk Based Security notes that the US had 10 times more incidents than the second most breached country, the UK. That’s astounding. Being at the top of this list is not an easy accomplishment, and there are several factors that possibly attribute to this.
One possible attribution is that the US lacks broad cyber regulations. Aside from Federal agencies, Healthcare, and Financial Institutions, US-based companies are largely left to self-regulate or regulate amongst themselves (PCI-DSS). Another angle could be simply that the US is a healthy target with many companies to exploit.
The most likely scenario is that the speed of business within a global economy has hit break-neck speeds. Pile on the level of complexity, pressures of Wall Street, and competing in a global market and you have a formula for cyber breach opportunities aplenty. In other words, US-based companies are often at the edge of technology innovation; seeking that small edge within the global arena of the free market.
But, like any shortcut, there are often unforeseen trade-offs. With every new technology innovation, there is a tax or inherited risk that comes with it. Historically, companies could afford to adopt new technologies at a more conservative pace. Those times have passed; any new technology is often seen as essential for modernized companies.
Now enter the corporate security programs within these globally competitive digital companies. We all recognize that they are essential. But are they seen as just enough, an insurance policy, or worse yet, a bottleneck to innovation and growth?
I don’t have all the answers, just enough experiences within companies similar to those described to know that they are struggling to embrace the real investments and opportunities they have with these cyber security assets. The sooner organizations realize that the best way to navigate the risky digital waters ahead is by using a cybersecurity compass, the more competitive they will be in the long run.
Security management, of course, has a role to play in developing that compass. If you’re interested in learning how FireMon can help, contact us for a demo >>