The mind of a hacker
In my previous blog about the commonality of passwords, a companion article addressed glimpses into a hackers mind. The survey, conducted by Thycotic included the following results.
- 51% do it for fun
- 19% do it for financial gain
- 29% feel they are a moral compass
- 1% do it for notoriety
- 86% are not worried about getting caught
Who would they target first?
- 40% would start with a contractor
- 30% would target IT administrators
- 16% would start with a non-executive employee
- 8% would choose and executive admin
- 6% would target and executive
Interesting statistics. But, it does surface an underlying problem that organizations should be wary of. With the huge increase in security breaches organizations do need to step up to the plate. But as evident in the news, there are quite few organizations who don’t take the governance steps to prevent, or do their best to prevent, a security exposure. Many organizations don’t even report them unless they are massive, such as Target. It is almost after the fact.
Ponemon Institute’s 2014 Cost of a Data Breach study found the average cost of a data breach to be $3.5 million in US dollars. The average cost paid for each lost or stolen record containing sensitive and confidential information increased more than 9 percent from $136 in 2013 to $145 in this year’s study. And that’s conservative; the recent high profile Target case costs are expected to top one billion according to analysts. It gets worse; the survey also found that the US has the highest lost business costs after a breach due to reputational loss, diminished good will and customers going elsewhere – $3.3 million on average to be exact.
You might be thinking, what are the chances a breach will happen to me? Ponemon looked into that too. The probability of a material data breach involving a minimum of 10,000 records is more than 22 percent!
Not real good odds considering the costs.