Sony felt the sting. It happened to Home Depot. Target, as well. The Canada Revenue Agency, too. And of course, Microsoft.
Security breaches and hacking exploits and bugs can dirty a business plan like a mudfight at a wedding. Whether you run a startup or a hefty SMB or a Fortune 500 firm, security has to be top of mind, especially while developing your next product.
Let’s look at Sony Pictures, which faced a massive leak of data, including a file inanely called Passwords. The data breach was a long time coming, according to inside sources.
“Sony’s ‘information security’ team is a complete joke,” one former employee told Fusion. “We’d report security violations to them and our repeated reports were ignored. For example, one of our Central European website managers hired a company to run a contest, put it up on the TV network’s website and was collecting personally identifying information without encrypting it. A hack of our file server about a year ago turned out to be another employee in Europe who left himself logged into the network (and our file server) in a cafe.”
While there are no figures calculating how the leak affected Sony’s bottom line, a report by Symantec found the average “lost business costs” per data breach were $3 million in the U.S.
Canada joins the world as a hotspot for exploits. A Statistics Canada report said that six per cent of the 17,000 private Canadian enterprises it surveyed had experienced an Internet security breach in 2013. And look at how hackers snuck into the Canada Revenue Agency records to compromise 900 social insurance numbers.
We all know hacktivists and malware thugs will be on the lookout for their next mark, and don’t assume they’re only going after the major firms like Microsoft and Home Depot. The smaller the firm, the less money will be spent on security. That’s where your hand-wringing comes in; without investing in security, both financially and mentally, you could fall prey to an enterprising hacker or a dangerous bug opening your company to attacks.
Atif Ghauri is the Chief Technology Officer for Herjavec Group, a firm dedicated to providing security to businesses across the world. Ghauri told us the most disconcerting issue is how developers don’t want to deal with security challenges. “For them, speed is everything, they want to get software code out the door. But a smart company would block the launch of a product because of a security risk. And many customers will take that risk.”
He points out security should be embedded in the lifecycle of a product’s ecosystem. Otherwise, a company will have to release patches, bug fixes or a brand-tarnishing mea culpa that could do more damage than waiting another week to release a product.
How should SMBs invest in security? Ghauri suggests harnessing “brains in house and outsourcing muscle.” In other words, listen to your IT team and engineers when they highlight a security issue that needs to be addressed immediately. When it comes to day-to-day maintenance, hiring some security muscle to keep your products exploit-free could be an investment that pays off tremendously.
Also, take to heart what this Forbes report says about securing your company:
When building a defense strategy, it is important to understand that hacking is a business. The adversary has resources and tools and spends ample time researching an organization’s weaknesses to map out their attack plan and trick the defender. Carrying over the IT mindset into security is akin to assigning a traffic accident investigator to a murder investigation. While the first assumes negligence and errors, the latter will always assume malicious intent.
Latest posts by (see all)
- B2B News for June 2, 2022: AgTech Robots Come to Canada, HUB Cyber Security Buy Back - June 2, 2022
- Content Marketing Assets: A Primer - May 20, 2022
- B2B News for May 12, 2022: First Integrated Metaverse, Gaming, and Crypto Media Company Created, CGI Sends $1 Million to Ukraine - May 12, 2022
- B2B News for Wednesday, January 19, 2022: Cradlepoint and Juniper Partnership, New ABM Research, New Contentstack CRO - January 19, 2022
- B2B News for Friday, January 14, 2022: Global Consumer Survey, Dealing with e-Waste, Hybrid Office Support - January 14, 2022
- B2B News for Wednesday, January 12, 2022: US Companies See Most Ransom Ware Attacks, Employment in 2030 - January 12, 2022
- 5 things law marketing can learn from the Kansas City Royals - November 6, 2014
- Tips For Saving Money At Your Retail Store - February 1, 2023
- B2B Sales: How To Improve Your Workflow From the Very First Call - January 27, 2023
- Three steps to take back control of your SAP landscape - January 24, 2023