5 devastating consequences of data breaches


  1. Home Depot $560m remediation fee

On 8 September 2014 Home Depot learned that it had been breached. They would later find out that 56 million customers were compromised due to the cyber attack. As a result, they’re offering free identity protection services, including credit monitoring. At an estimated $10 per credit card (at least), this would equate to $560 million in remediation fees.  Ouch.

  2. Code Spaces shuts down within 24 hours

Hosting company Code Spaces shut down within 24 hours after a denial-of-service (DoS) attack resulted in critical loss of company data. A hacker gained access to the company’s Amazon Web Services (AWS) account and deleted the majority of its customer data. Left compromised, vulnerable and unable to restore the data, Code Spaces made the decision to completely shut down.

  3. Target’s profit plummets 46%

Target, one of America’s largest retailers, suffered a data breach in December last year which affected 40 million of its customers. As a result, customers lost confidence in the store and profits dropped by 46% in its fourth fiscal quarter of 2013.

  4. Target CEO ‘out’ following data breach which affected 40 million customers

A 35-year veteran of Target, CEO Gregg Steinhafel, stepped down from his position following the data breach which almost “derailed the business”, as reported in Forbes. This proves that the IT department aren’t the only ones responsible for a company’s information security – the buck stops with the CEO.

  5. Cyber crime costs US economy up to $140 billion and 500,000 jobs

According to a study conducted by the Center for Strategic and International Studies, cyber attacks could be draining as much as $140 billion and 508,000 jobs from the US economy each year.  The report looked at intellectual property theft, cybercrimes such as phishing and text messaging fraud, loss of sensitive business information, service disruptions, security costs and damage to reputation.

Preventative measures

There’s no denying that a data breach has devastating and very real consequences, affecting both the retailer and the consumer. Implementing preventative measures, however, is almost certainly less expensive than letting a cyber attack take place.

Many businesses are choosing ISO27001 as the framework on which to base their information security management systems. The international cyber security standard has long been regarded as the leading framework for implementing an information security management system (ISMS), as it enables organizations to obtain an independent certification to prove their cyber security credentials.

The latest survey from the International Organization for Standardization (ISO) shows a 36% rise in American ISO27001 certificates issued in 2013 (566), compared to 2012 (415). These figures support the year-on-year growth trend for ISO27001 certificates, and illustrate the rise in cyber security awareness throughout the USA.

Alan Calder, founder and executive chairman of leading cyber security firm IT Governance, comments on the rise in ISO27001 certificates: “The recent data breaches at Home Depot and Target have hit businesses hard and have made the need for tighter information security controls even more urgent. As a result, many firms are facing pressure to protect customer data from their stakeholders, as well as from compliance requirements. This could be one of the reasons behind the rise in ISO27001 certificates last year.”
