Organisations are not always aware of the cost a security breach, as the ripple effects of cybercrime are often more damaging than the actual theft of information, writes DOROS HADJIZENONOS, Country Manager of Check Point.
The cost of any type of theft is often a lot higher than just the value of the stolen goods. If your house was broken into, you would feel violated. While your insurance company would reimburse you for the items stolen, you might not have the same sense of security as you did before the break-in. To feel more secure, you might invest in security system upgrades and even change your habits, like going out less often or not coming home in the dark. At the end of the day, you end up spending more – and not necessarily just money – in order to feel safe again.
Corporate breaches are no different and the ripple effects of cybercrime are often more damaging than the actual theft of information. The loss of confidence – both from your company and your customers – make you overspend on security solutions, feel obligated to pay impacted suppliers and cause your customers to flee.
Tallying the cost of cybercrime
According to the Ponemon Institute, the average cost of a data breach is $154 (R2,180) per record. With many incidents involving thousands or even millions of records, the average cost of a single breach is often in the region of $3.79 million. The initial “splash” costs of a breach – when the stone first hits the water – includes several direct expenses:
- The value of stolen intellectual property
- Downtime analysing, repairing and refortifying all compromised systems
- Checking all systems for additional infections
- Restoring systems from backups and checking backups for vulnerabilities
- Changing security procedures and training personnel on new safeguards
The less obvious “ripple” costs, however, can quickly overshadow these direct costs, and include:
- Reputational damage. Brand value decreases 21% as a direct result of a security breach.
- Loss of business resulting from breach of trust. Research found that 73% of US customers switch their financial service provider due to personal data theft, and 44% of financial services companies reported business loss of 20% or more due to reputation issues.
- Knock-on attacks. People often use the same passwords to access different websites. Stolen passwords from one site are used in multiple breaches targeting other sites.
- Disruption caused to other businesses, such as suppliers and partners. In the case of critical infrastructure, if one grid goes offline, hundreds or thousands of businesses could be impacted in ways not easily quantified.
In 2013, US retail chain Target suffered a data loss event in which 40 million debit and credit card records were stolen. Direct expenses added up to $248 million over two years but some sources estimate costs will exceed $2.2 billion when including losses from fraudulent charges, reimbursing suppliers, and penalties from class action lawsuits.
The ripple effects to company reputation are difficult to estimate, but very real. If a company has strong customer support and handles the situation carefully, customers may be shaken but not leave.
Organisations can protect themselves by taking a holistic approach to security instead of patching together point solutions, and by focusing on threat prevention as opposed to threat detection and remediation. To further reduce risk, they should include data loss prevention in the security mix and use best practices when configuring security.
When considering their cybersecurity goals, organisations should ask the following questions:
- Understand the situation. How confident are we that our cybersecurity is effective against zero-day threats? How well trained are my employees about cyber threats and the potential consequences of their actions?
- See what’s coming. Do we have clear visibility of log activity in all of our network segments?
- Secure workloads not servers. Do the workloads I run in virtual, cloud and software-defined environments receive the same protections as workloads run in my data centre?
- Get prepared. Do the company’s policies protect information and resources in all environments? How is the executive leadership informed about the current threat level and potential business impact of cyber-attacks?
The volume of attacks and attack points requires complete visibility into operations and centralised security management, but not complete transparency. Security officers should be cautious about exposing protection methods or discussing attack details because when cybercriminals see where attacks have an impact, they adapt their tactics. Because of this, organisations – especially financial institutions – now share attack information through shared threat intelligence feeds. Since most hackers use the same successful attack methods against multiple victims, it increases their costs if a hack method only works once. The more expensive hacking is, the lower the number of hackers, making everyone safer.
IoT sensors are anything from doctor to canary in mines
Industrial IoT is changing the shape of the mining industry and the intelligence of the devices that drive it
The Internet of Things (IoT) has become many things in the mining industry. A canary that uses sensors to monitor underground air quality, a medic that monitors healthcare, a security guard that’s constantly on guard, and underground mobile vehicle control. It has evolved from the simple connectivity of essential sensors to devices into an ecosystem of indispensable tools and solutions that redefine how mining manages people, productivity and compliance. According to Karien Bornheim, CEO of Footprint Africa Business Solutions (FABS), IoT offers an integrated business solution that can deliver long-term, strategic benefits to the mining industry.
“To fully harness the business potential of IoT, the mining sector has to understand precisely how it can add value,” she adds. “IoT needs to be implemented across the entire value chain in order to deliver fully optimised, relevant and turnkey operational solutions. It doesn’t matter how large the project is, or how complex, what matters is that it is done in line with business strategy and with a clear focus.”
Over the past few years, mining organisations have deployed emerging technologies to help bolster flagging profits, manage increasingly weighty compliance requirements, and reduce overheads. These technologies are finding a foothold in an industry that faces far more complexities around employee wellbeing and safety than many others, and that juggles numerous moving parts to achieve output and performance on a par with competitive standards. Already, these technologies have allowed mines to fundamentally change worker safety protocols and improve working conditions. They have also provided mining companies with the ability to embed solutions into legacy platforms, allowing for sensors and IoT to pull them into a connected net that delivers results.
“The key to achieving results with any IoT or technology project is to partner with service providers, not just shove solutions into identified gaps,” says Bornheim. “You need to start in the conceptual stage and move through the pre-feasibility and bankable feasibility stages before you start the implementation. Work with trained and qualified chemical, metallurgical, mechanical, electrical, instrumentation and structural engineers that form a team led by a qualified engineering lead with experience in project management. This is the only way to ensure that every aspect of the project is aligned with the industry and its highly demanding specifications.”
Mining not only has complexities in compliance and health and safety, but the market has become saturated, difficult and mercurial. For organisations to thrive, they must find new revenue streams and innovate the ways in which they do business. This is where the data delivered by IoT sensors and devices can really transform the bottom line. If translated, analysed and used correctly, the data can provide insights that allow for the executive to make informed decisions about sites, investment and potential.
“The cross-pollination of different data sets from across different sites can help shift dynamics in plant operation and maintenance, in the execution of specific tasks, and so much more,” says Bornheim. “In addition, with sensors and connected devices and systems, mining operations can be managed intelligently to ensure the best results from equipment and people.”
The connection of the physical world to the digital is not new. Many of the applications currently being used or presented to the mining industry are not new either. What’s new is how these solutions are being implemented and the ways in which they are defined. It’s more than sticking on sensors. It’s using these sensors to streamline business across buildings, roads, vehicles, equipment, and sites. These sensors and the ways in which they are used or where they are installed can be customised to suit specific business requirements.
“With qualified electronic engineers and software experts, you can design a vast array of solutions to meet the real needs of your business,” says Bornheim. “Our engineers can programme, create, migrate and integrate embedded IoT solutions for microcontrollers, sensors, and processors. They can also develop intuitive dashboards and human-machine interfaces for IoT and machine-to-machine (M2M) devices to manage the input and output of a wide range of functionalities.”
The benefits of IoT lie in its ubiquity. It can be used in tandem with artificial intelligence or machine learning systems to enhance analytics, improve the automation of basic processes and monitor systems and equipment for faults. It can be used alongside M2M applications to enhance the results and the outcomes of the systems and their roles. And it can be used to improve collaboration and communication between man, machine and mine.
“You can use IoT platforms to visualise mission-critical data for device monitoring, remote control, alerts, security management, health and safety and healthcare,” concludes Bornheim. “The sky is genuinely the limit, especially now that the cost of sensors has come down and the intelligence of solutions and applications has gone up. From real-time insights to hands-on security and safety alerts to data that changes business direction and focus, IoT brings a myriad of benefits to the table.”
Oracle leads in clash of
Three e-commerce platforms have been awarded “gold medals” for leading the way in customer experience. SoftwareReviews, a division of Info-Tech Research Group, named Oracle Commerce Cloud the leader in its 2020 eCommerce Data Quadrant Awards, followed by Shopify Plus and IBM Digital Commerce. The awards are based on user reviews.
The three vendors received the following citations:
- Oracle Commerce Cloud ranked highest among software users, earning the number-one spot in many of the product feature section areas, shining brightest in reporting and analytics, predictive recommendations, order management, and integrated search.
- Shopify Plus performed consistently well according to users, taking the number-one spot for catalogue management, shopping cart management and ease of customisation.
- IBM Digital Commerce did exceptionally well in business value created, quality of features, and vendor support.
The SoftwareReviews Data Quadrant differentiates itself with insightful survey questions, backed by 22 years of research in IT. The study involves gathering intelligence on user satisfaction with both product features and experience with the vendor. When distilled, the customer’s experience is shaped by both the software interface and relationship with the vendor. Evaluating enterprise software along these two dimensions provides a comprehensive understanding of the product in its entirety and helps identify vendors that can deliver on both for the complete software experience.
“Our recent Data Quadrant in e-commerce solutions provides a compelling snapshot of the most popular enterprise-ready players, and can help you make an informed, data-driven selection of an e-commerce platform that will exceed your expectations,” says Ben Dickie, research director at Info-Tech Research Group.
“Having a dedicated e-commerce platform is where the rubber hits the road in transacting with your customers through digital channels. These platforms provide an indispensable array of features, from product catalog and cart management to payment processing to detailed transaction analytics.”