While more companies are taking action to prevent and respond to a security breach like the recent Home Depot hack, the number of attacks is also on the rise. In the past year alone, an astounding 43% of companies in the United States were hit by a data breach, according to a new study by Experian and Ponemon–a 10% increase from the previous year.
According to the survey, which asked 567 executives of U.S. companies about their preparedness and response plan for a data breach, 73% said their company has plans and teams in place to respond to a data breach (compared to 61% in last year’s survey). However, only 30% of respondents said that plan was effective, and a vast majority (78%) don’t update their plan regularly.
“While more organizations have data breach preparedness on their radar and have developed a response plan, a majority of companies are not putting the support and resources behind having it truly be effective,” said Michael Bruemmer, vice president of Experian Data Breach Resolution. For example, fewer than half of companies train customer service representatives and employees who handle sensitive data on security measures, which the study calls a company’s “weakest link” when it comes to vulnerability to hackers.
Increasing data security isn’t only good for customers, it’s good for a company’s bottom line. According to Ponemon and IBM’s 2014 Cost of Data Breach Study, each stolen record costs a company $201, unless it has implemented a formal response plan. Having a plan in place reduced the cost per lost record to as little as $17. But implementing security measures on old software can be difficult.
“Security really needs to come in from the beginning,” Patrick Thomas, a security consultant at Neohapsis, told Fast Company in February. “For larger companies with huge established portfolios of applications, many of these go back five, 15, 20 years to before many modern security practices existed. Overhauling them is a tremendous mountain to climb.”
[h/t USA Today]