Information is perhaps your most valued asset. Yet, for many companies, it remains in an environment that is susceptible to both internal and external threats.
However, in today’s world, “data security” can no longer simply be a secondary consideration. In fact, data breaches are among the most common and costly security failures in organizations of any size.
According to an annual study conducted by Ponemon Institute (an independent third party that conducts research on privacy, data protection, and information security policy) in partnership with IBM, the total average cost of a data breach worldwide has increased 15% over the past year to more than $3.5 million. The priciest data breach to resolve cost the company nearly $31 million. Even the least expensive data breach in the study still cost the company upwards of $750,000.
It’s therefore imperative that every organization, large or small, be vigilant and pro-active about protecting data assets. Many, however, are not. Why? Consider the following:
1. During the course of an audit, where such problems can be detected, auditors found breaches only 3% of the time, and twice as often (6% of the time) by accident rather than through the audit process itself. However, this detection is not the objective of auditors, nor is it their area of expertise. Auditors should not be IT security specialists; that is not their role.
2. IT and security teams are intimately involved with the data and its security on a constant basis. As a result, companies must look beyond IT when assessing data breach risks and invest in independent, professional, proven and credentialed third parties that can analyze the data security and its environment from alternative perspectives.
The lesson here is that in order to reduce data breaches, companies must integrate security into the corporate culture and consistently evaluate the risks of every interaction with networks, devices, data, and of course, other users, including internal employees. That process begins with having a financial / technological forensics audit performed.
If you’re interested in learning more, contact Lakelet Financial Forensics Group. Our certified information technology professionals as recognized by the American Institute of Certified Public Accountants are available to assist you in managing this exposure.