CyberScout
May 27, 2008

Business Owners Have "False Sense of Security" When It Comes to Data Breaches

A recent national survey of more than 1,500 business leaders conducted by Zogby International on behalf of CyberScout found that business decision makers possess an alarming “air of invincibility” when it comes to their companies’ potential exposure to a data breach.  Suffering a breach ranked last among the biggest business fears behind government fines, lawsuits, bankruptcy and natural disasters.    

Forty-five percent admit they are more concerned about data breaches than in the past, however that figure pales in comparison to the fact that 30% are more concerned that they could personally become a victim of identity theft (76% vs. 45%).  

While respondents don’t appear particularly worried about being hit by a breach or the damage control it will require, they do consider protection essential to customer service.  86% think safeguarding customer data is a high priority and 83% believe that a breach would definitely have an impact on business reputation.  

For all of the stated concern, it appears very little customer/employee protection is being implemented, as nearly two fifths do not have an incident response plan or outside vendor management procedures in place. The survey also found another third does not encrypt customer/employee data that contains personally identifiable information.   

Findings include:
34% of the businesses have no tools/procedures in place to detect identity fraud 
44% report that a security breach would have minimal to no financial impact on their business with another 22% reporting that they don’t know what the financial impact would be 
4% reported that their business had a data compromise and the greatest cause was the fault of an outside vendor followed by loss/theft of hard copy files and hacker infiltration 

Some of the words that the respondents used to describe the emotional effects of a data breach include “devastating,” “disastrous,” “loss of reputation,” “loss of customer confidence & trust” and “embarrassing.” 

Some phrases used to describe the financial effects include: “bankruptcy,” “business termination,” and “lawsuits.” 

“The survey confirms a head in the sand mentality regarding the threat to businesses today which we call a `data breach awareness gap’,” says Judd Rousseau, Chief Fraud Officer for CyberScout.  “Many decision makers still haven’t implemented the proper security measures to protect their company, customers and employees.” 

The study was conducted April 2-3 by Zogby International on behalf of CyberScout among 1,521 nationwide business owners/decision makers. The executive summary and additional highlights can be found on CyberScout’s website www.identitytheft911.com. If you would like a copy of the full report, please contact Tony Berlin @ (212) 752-8338. 

About CyberScout

Since 2003, CyberScout has set the standard for full-spectrum identity, privacy and data security services, offering proactive protection, education, and data theft resolution as well as breach preparedness and response. Serving approximately 17.5 million households worldwide and more than 770,000 businesses, CyberScout is offered globally by an ever-growing number of client partners. CyberScout combines extensive experience with high-touch service to help individuals, government and commercial clients minimize risk and maximize recovery.

Learn more