Shoring Up Cybersecurity Tied to Bottom-Line Losses

Despite a torrent of high-profile data breaches -- most recently at eBay -- many security experts fear businesses and consumers will continue doing little to bolster their protections against cybercrooks until they feel it in their pocketbooks.

[eBay] revealed that a database containing customers' names, passwords, phone numbers, dates of birth, email and home addresses was compromised. But as with most other recent hacks, eBay said it had no evidence anyone's money was stolen. And that -- ironically -- is the problem.

Unless such attacks result in widespread financial losses, experts say, the threat won't be taken seriously.

"Until it hits them at home, it won't matter much," said Scott Goldman, CEO of security firm TextPower, based in San Juan Capistrano. "The very fact that people are becoming numb to the constant stream of breaches indicates the pathetic level of security provided by most online services."

Like many individuals, businesses often balk at the cost of cybersecurity, figuring it's not worth the benefit.

"Most companies are focused on revenues and profits; unfortunately, security doesn't drive either of those two priorities," said Eric Chiu, president of Mountain View security company HyTrust. "Instead, they view investment in security as insurance which they can put off until something bad happens, which is too late."

The problem with that approach, he added, is that it can wind up backfiring.

"As we have seen from Target," he said, referring to the retailer's disclosure in January that thieves stole payment card and other information from at least 40 million of its customers, "the potential costs of not putting customer data as a top priority are brand damage, loss of customer trust and ultimately major business impact."

Target's breach reportedly has cost it close to $1 billion and prompted the May 5 resignation of its CEO.

To bolster customer security, Target has said it plans to...

Comments are closed.

Shoring Up Cybersecurity Tied to Bottom-Line Losses

Despite a torrent of high-profile data breaches -- most recently at eBay -- many security experts fear businesses and consumers will continue doing little to bolster their protections against cybercrooks until they feel it in their pocketbooks.

[eBay] revealed that a database containing customers' names, passwords, phone numbers, dates of birth, email and home addresses was compromised. But as with most other recent hacks, eBay said it had no evidence anyone's money was stolen. And that -- ironically -- is the problem.

Unless such attacks result in widespread financial losses, experts say, the threat won't be taken seriously.

"Until it hits them at home, it won't matter much," said Scott Goldman, CEO of security firm TextPower, based in San Juan Capistrano. "The very fact that people are becoming numb to the constant stream of breaches indicates the pathetic level of security provided by most online services."

Like many individuals, businesses often balk at the cost of cybersecurity, figuring it's not worth the benefit.

"Most companies are focused on revenues and profits; unfortunately, security doesn't drive either of those two priorities," said Eric Chiu, president of Mountain View security company HyTrust. "Instead, they view investment in security as insurance which they can put off until something bad happens, which is too late."

The problem with that approach, he added, is that it can wind up backfiring.

"As we have seen from Target," he said, referring to the retailer's disclosure in January that thieves stole payment card and other information from at least 40 million of its customers, "the potential costs of not putting customer data as a top priority are brand damage, loss of customer trust and ultimately major business impact."

Target's breach reportedly has cost it close to $1 billion and prompted the May 5 resignation of its CEO.

To bolster customer security, Target has said it plans to...

Comments are closed.