In the past decade, IT Risk has gone from niche topic in data security circles to critical issue in the larger world of business and beyond. Recently it even spilled over into the realm of popular culture, such as when Mark Zuckerberg went before Congress in April 2018 to defend Facebook’s data privacy practices. The event was picked up by every major news outlet and became something of a cultural moment in its own right.
Other events routinely make headlines for their sheer magnitude. In September of 2017, Equifax revealed that a data breach exposed the sensitive personal information of 143 million Americans. Not to be outdone, in November 2018 hospitality giant Marriott revealed that a massive hack led to the theft of personal data belonging to an incredible 383 million customers — the largest breach on record. Google, Quora, PG&E, and, yes, even the beleaguered Facebook have each posted staggering data breach numbers of their own in recent years.
These situations may be outliers costing billions of dollars of damage, but the consequences are very real for companies of every size. In 2018, the global average cost of a data breach rose to $3.86 million. This number will continue to rise as long as Information Security officers fail to keep pace with and defend against the strategies hackers employ — many of which are highly preventable.