The Sony breach that compromised almost 50,000 employee Social Security numbers, healthcare records, salary information and private email correspondence has prompted businesses across the nation to take a firmer stance on cybersecurity in 2015.
"That is concerning not just for the movie industry but for all industries within the U.S. economy or world economy," security professional Frank Mong said to The Los Angeles Times, speaking of the Sony breach. "Now you have to operate under the mind-set that my email is not confidential. We should all live with a little more paranoia when we do these things — ask, 'Is this really legitimate?' Should I really be clicking that?"
This breach revealed just how vulnerable most organizations are to potential attacks, and is causing a great deal of concern in the business world, especially for companies that handle sensitive customer and employee information. Since the Sony breach has political ramifications in the United States' dealings with North Korea, the incident has received a greater amount of press than the average point-of-sale attack, bringing to the forefront the havoc that such security breaches can wreak on an entire nation and industry.
When so much data is at stake, it no longer appears that one year of free credit monitoring will be enough to get companies off the hook for negligence concerning security practices. There is a great deal of money to be lost every time an organization is hacked, and businesses are beginning to see that it's in their best interest to invest more in cybersecurity upfront.
In fact, Sony has experienced intense backlash from the breach, and is facing a great deal of legal fees in the future. Sony employees have already filed four class-action lawsuits against the company, claiming that Sony failed to defend employee information by ignoring past breaches and security warnings.
CNN reports that one such complaint characterizes the breach as "an epic nightmare, much better suited to a cinematic thriller than to real life, is unfolding in slow motion for Sony's current and former employees: Their most sensitive data including over 47,000 Social Security numbers, employment files including salaries, medical information, and anything else that their employer Sony touched, has been leaked to the public, and may even be in the hands of criminals."
This last year was a record-setting one for high-magnitude data breaches, and businesses and consumers alike are realizing they have to become more security-conscious if they want to keep their information private. Security and retail professionals are predicting that breaches will increase in 2015, especially ahead of the October deadline for retailers to transition to the EMV chip-and-PIN credit cards.
The chip-and-PIN cards have the advantage of encrypting the payment card's data throughout the entire transaction process, whereas swipe cards leave the cardholder's information unencrypted for a moment at the point-of-sale. Cybercriminals can then use sophisticated malware to steal the card number. When U.S. retailers convert fully to EMV technology, hackers will no longer be able to take this data as easily, which is why they are expected to increase the number of attacks before the window of opportunity closes.
If you own or operate a business, it's crucial to evaluate the strength and security defenses of your payment processing software before the new year begins. Cyberattacks are unlikely to slow down or become less severe, especially as the deadline approaches for PCI regulation changes. Upgrade your systems to ensure that you enjoy a safe and productive year, protecting both your employees and your customers' valuable information.