Following recent news that more than two-thirds of companies have been hit by data breaches over the past year, the report featured in
Computer Weekly is an interesting, if not alarming, confirmation that fraud is on the rise. Although person-present payments have improved security measures due to developments in global security standards like PCI DSS; cyber attacks still continue to be
an area of vulnerability for businesses across the UK.
Current UK laws don’t make it necessary for details of data breaches to be publicised, so the report provides an interesting insight into the number of businesses which are being affected by constant security threats. In the US there is a completely different
approach and the State Security Breach Notification Laws publicise data breaches, there is more understanding and knowledge of how an attack has occurred, dulling down sensationalism surrounding a
data breach.
In my experience, businesses and consumers are still falling victim to techniques which are relatively old news; take for example SQL injection – a code injection technique which exploits weaknesses in the checking of input data and which is very well known.
People just don’t want to envisage that this kind of attack may happen on their own doorstep. Security professionals need to raise awareness to the constant and evolving threat which cyber attacks pose to businesses and most importantly how they can apply
best practice techniques to deal with them.