Data Breach Liability: Who Gets Blamed for Cyber Attacks?
Listen to this article – 2:55 minutes
Employees and employers often point fingers at each other when a data breach occurs. Were employees careless with the company’s data? Did the IT department fail to take the proper precautionary measures? Did the vendor sell faulty technology? So, who must own data breach liability? Unfortunately, breaches happen because of the systematic breakdown of security that involves many different factors, especially in large enterprises. In this article at Raconteur, Jonathan Evans explains the responsibilities employers and employees bear in creating a cyber-resilient organization.
Data Breach Liability: Who Must be Blamed for Security Flaws?
According to a study by IBM, the average data breach cost is $3.62 million. Once a data breach is discovered, businesses spend considerable money determining its source. When investigating a data breach, organizations must learn why it occurred. This helps them prevent cyber violations from happening again. Security professionals believe that data breach accountability and responsibility are not always easy to determine.
Who Must Own Data Breach Liability?
Business Managers and CEOs
When business owners do not allot enough budget for IT security solutions, the data breach liability falls on those that make financial decisions. Studies highlight that 29% of IT decision-makers believe that the CEO must own the primary responsibility if a large-scale data breach occurs. Furthermore, 62% of IT decision-makers believe that the CEOs or company’s board must be thoroughly aware of organizational policies to respond to cyber incidents.
Chief Information Security Officers (CISOs)
If data breaches occur even after business owners have allotted a considerable budget and spent adequately on threat prevention measures, the next link in the chain is CISOs. Studies revealed that 21% of IT security professionals would hold CISOs accountable in the event of a data breach. They are responsible when the necessary data security technology is outdated or fails to perform essential maintenance.
Data Security Operations Personnel
Many reports indicate that 95 percent of cyber incidents occur because of human error. This may be because security professionals are simply underqualified. Hiring trained and competent data security personnel to manage upgrades and patches in a timely manner is critical.
To learn more about who must own data breach liability, click on https://www.raconteur.net/technology/cybersecurity/employee-or-employer-whos-to-blame-for-a-cyber-breach/.
The post Data Breach Liability: Who Gets Blamed for Cyber Attacks? appeared first on AITS CAI’s Accelerating IT Success.