The numbers of data breaches are growing each year. There were 888 confirmed data breaches compromising 246 million records worldwide in the first half of 2015 alone, according to the Breach Level Index released by Gemalto. Data breaches continued throughout the year. In October 2015, British telecom firm Talk Talk was the victim of a cyber attack which saw the financial data of customers compromised. Instances of data breaches continued to dog the news in 2016 as well. In January this year, Wendy’s, an American chain of fast-food restaurants, reported that it was investigating claims of a possible credit card breach at some of its retail outlets. In February, the US Internal Revenue Service discovered and averted automatic cyber attack involving taxpayers’ personal identification numbers (PIN). Instances of data breaches continue to occupy headlines seemingly every other day.

Yet, as per a survey compiled by CompTIA, a trade group representing major IT firms, 45 percent of employees at American companies receive no training on issues of cyber security. A similar report comes from the 2015 Information Security Breaches survey released by the UK government. The survey reports that about half of the breaches reported in the year were due to inadvertent human error; as a result of poor understanding of security policy by staff. Such instances can certainly be avoided with the right training that serves a purpose – reducing the number of data breaches. It is important that organisations focus on not just providing the training but also the effectiveness of the training.

Jul-Sep 2016 Issue

Commlab India