The recent security breach experienced by Target over the holiday season has brought the issue of information systems security into public discourse. Between alleged spying by the National Security Administration and the concerted efforts of hackers around the world, businesses are right to be concerned about computer security. Just how much a company should be worried depends on the business.
A report by security technology firm McAfee estimates that information systems security breaches and other cybercrimes cost the United States $100 billion and the world $300 billion annually. Although some perpetrators of attacks carry them out to be disruptive, the majority of security breaches result from the desire to gain access to information. In the case of Target, the thieves stole data for about 40 million credit and debit cards. Other companies have experienced thefts of intellectual property and sensitive data such as company emails.
If your company has information that thieves consider to be valuable—such as credit card numbers—you should be very concerned about information systems security. Even if you're a small business with relatively little that a cyber thief would want, you should still beef up the security on your internal and external systems that could be targeted.
Often, cyber criminals hack into systems to use companies' or individuals' digital resources to perpetuate their crimes. For example, hackers infect computers with malware that allows them to control those machines and use them to launch denial-of-service attacks or send spam. Alternatively, the malware may log keystrokes, capturing sensitive information like passwords and credit card numbers to send to the thief.
Whether your company already has a sophisticated security system in place, or the subject of information systems security has never come up in a meeting, it's a good idea to set aside time to assess your risks and invest in adequate protection. The cost of a security breach involves more than money: it can result in loss of customer trust. After Target's breach was revealed, its sales declined about 4 percent over the holiday season, its stock dipped 2 percent, and at least one lawsuit was filed against the company.
In addition to enhancing the virtual and physical security of your systems, it's important to create a culture of security at your company. Often, people are the weakest link in information systems security. One careless move by an employee can lead to a major breach. Talk to employees about security concerns and train them in correct Internet protocols and best practices to help them avoid opening the digital doors to hackers.
As technology becomes more sophisticated and ubiquitous in society, computer security threats will increase. Take time to develop a comprehensive information systems security program to protect your company and customers from cyber criminals.
(Photo courtesy of freedigitalphotos.net)