Nearly every single organization in a study that looked at U.S. and European companies across several industries experienced at least one security breach, with many reporting more than one, according to IT security firm ForeScout’s State of IT Cyberdefense Maturity Report. More than 96% of respondents experienced a security incident while 39% experienced between two and five, and about 16% experienced more than five.
The most common way that companies face an attempted data breach was via a phishing scam (here’s a quick guide to phishing scams). Other issues stemmed from compliance policy violations and the unsanctioned use of devices or applications. Finally, a number of businesses reported that someone simply attempted an unauthorized data access.
Additionally, 40% of those surveyed said that keeping data secure became more difficult in the past two years.
Making Cybersecurity a Part of Due Diligence
With so many companies hacked, it becomes important to make cybersecurity a major part of a company’s business strategy — including when connecting with other businesses. Mergers and acquisitions often lead to gaining access to technology that is potentially compromised with malware or other hacking devices. And yet, very few companies actually include cybersecurity as part of their due diligence when doing M&A, according to a study by law firm Freshfields Bruckhaus Deringer. Ninety percent of respondents admitted that a data breach would seriously impact a company’s value during a merger, but 78% said they did not look at currently existing cyberdefenses when working out a deal.
Ensuring Business Partners Are Also Secure
Cybersecurity goes beyond M&A, however. Whenever one company does business with another company, the risk of being hacked increases if the two companies don’t practice equally good cybersecurity. It is already a challenge to keep one’s own employees informed about the risks of a cyberattack, but one must also be sure that the companies one does business with are also practicing good security tactics.
The matter of protecting oneself from other companies also comes into play during outsourcing. When businesses outsource an aspect of their work such as payroll, they should check to see if they are responsible for what happens if that company is hacked. Additionally, businesses should look into whether the company they are outsourcing their work to is keeping up with current cybersecurity trends.
When planning measures for cyberdefenses, businesses can’t leave out any of the companies they work with — like their suppliers, their outsourcing partners and the firms they acquire. With a huge number of corporations facing attempted data breaches every year, every partnered business becomes a potential liability in a company’s security network, and that can leave consumers at risk.
If you’re worried that your personal data has become exposed by a company, you should monitor your financial accounts regularly to check for any charges that you don’t remember making. Also, you should keep an eye on your credit scores. You can check two of your credit scores for free every month on Credit.com. Any major, unexpected changes in your credit scores could signal identity theft and you should pull copies of your credit reports (you can get them for free once a year) to confirm.
More on Identity Theft:
- Identity Theft: What You Need to Know
- How Do I Dispute an Error on My Credit Report?
- 3 Dumb Things You Can Do With Email