Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

Companies under-prepared and under-trained to deal with hackers

Companies under-prepared and under-trained to deal with hackers 

Still, prominent security breaches like the Sony, Ebay and Evernote hacks—and even the Snowden leaks—have increased awareness about this ever-looming cyber-threat.

A recent study by Munich Re polled business risk managers in small, medium and large-sized companies. It found that almost 70 per cent of businesses experienced at least one hacking incident over the past year.

What’s worrying isn’t the number of hacks that took place, but the fear of these risk managers that they won’t be able to respond effectively when the next hack happens. In fact, more than half (55 per cent) of the managers didn’t believe their company was dedicating enough money or trained personnel to combat the latest hacking techniques.

“Hackers have evolved and so have their methods of attack”

“Hackers have evolved and so have their methods of attack,” said Eric Cernak, Cyber Practice Leader for Munich Re. “Businesses are on high alert, but they can do a lot better. Simply reacting to new threats is not enough. Businesses of all sizes need to anticipate hacking trends and deploy the resources necessary to protect their private or sensitive information.”

When asked about the type of risk management services they would be most interested in deploying to combat this risk, 32 per cent of the respondents pointed to intrusion detection/penetration testing. Another 50 per cent of respondents were split evenly on whether the preferred employee education programs or encryption to improve their protection.

When risk managers were asked about possible vulnerabilities, the survey revealed a notable concern with the use of cloud technology, a movement to which companies are adapting rapidly despite clear security concerns from some security experts.

When hacked, loss of confidential information was viewed as the biggest risk by the managers, while service interruption and government intrusion also ranked prominently.

Concerns about the type of information being breached also varied. While many managers worried about losing personally identifiable information, others worried about losing sensitive corporate and financial information.

The study was conducted on April 27 at the Risk and Insurance Management Society Conference in New Orleans. It represents the sentiments of 102 risk manager attendees who represented small (1-99 employees), mid- (100-999 employees) and large-sized (1,000+ employees) businesses in the: manufacturing, retail, financial services, government, military, medical, healthcare; and education industries.

Related posts