While 2014 may have been called “The Year of the Hack” by CNNMoney, the same security risks and opportunities for data theft and fraud are expected to remain throughout 2015. The recent cyber attack against Anthem, a major nationwide insurance company, is testament alone to the high value — and high cost — of information theft. Despite the upcoming EMV implementation and updated PCI Security Standards, the threat of data, information, and identity theft is still looms over many industries.
Experian, the global information services group in the credit services field, recently published their second annual data breach forecast. Here are some of their forecasts for 2015:
- More payment attacks on smaller, regional chains can be expected as larger companies harden their security through EMV chip-and-pin technology.
- More attacks toward cloud data systems and social media.
- Employees’ mistakes will be the biggest threat toward company security.
- An increase in healthcare-related breaches is expected.
There are several steps that someone can take to ensure their information is kept secure, but the best weapon against these kinds of attacks are basic security steps and common sense.
- Don’t store customer information longer than necessary. Once the transaction is finished, securely shred or erase any stored customer information, including credit card information or social security numbers. If the nature of your business requires the storage of sensitive customer information, ensure your data storage system is fully compliant and meets the most up-to-date security standards.
- Review your spending history. Check your monthly spending statements and ensure that all transactions on both your business and your personal account are correct. If you see an unauthorized or suspicious transaction, immediately contact your bank or credit card company.
- Be skeptical of e-mails. Don’t automatically assume an e-mail address is from a specific company. Scammers are becoming more and more sophisticated and are capable of creating a legitimate-looking e-mail with ease. Be sure to check the sender’s e-mail address and note any inconsistencies or irregularities before clicking any links. If you are truly skeptical, do not click any links within the e-mail and instead go directly to the purported sender’s website.
- As mentioned above, employees can still be the weakest link in an organization. Ensure that your employees are well-educated in creating secure passwords, trained in the disposal of sensitive information, and encouraged to remain cautious and vigilant.
Unfortunately, there is good reason to believe that the Anthem breach will not be the last major cyber attack this year. But by taking a few proactive steps, the damage done from any attacks can be minimized or even prevented.