As enterprises resign themselves to the sobering fact that security compromises are unavoidable, another resulting inevitability is coming into play: ensuing lawsuits and class actions spurred by data breaches and customer data loss. Last week, the Republican presidential nominee's hotel chain and the U.S.' third largest search engine came to terms with this reality. What does the future hold for organizations facing inexorable data breaches coupled with the spectre of resulting litigation?
You've seen enough Hollywood blockbusters about casino heists to know that gambling institutions are constantly in the crosshairs of attackers—online and off. In the digital realm, however, better malware tools and access to deep funding make today's cyber criminals more than a bad movie, especially when lucrative payloads are for the taking.
No, we aren't talking about your burger-inhaling operator passing out on the job, leaving your precious IT assets unattended. You've probably guessed that we're referring to the latest Wendy's data breach announcement: on June 9th, the international fast food chain disclosed that its January 2016 security compromise was, in fact, a lot worse than originally stated—potentially eclipsing the Home Depot and Target data breaches.
Cyber attackers are, above all else, opportunists—malware and viruses require time and resources to develop and are therefore created with the greatest returns in mind. In terms of operating systems, Windows typically gets a bad rap for security—the price of popularity, as it were. But as other OS platforms have whittled down Windows' market share in recent years, cyber attackers have had an increasingly broad playing field for exploitation.
Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.