23 July 2015

The companies which really need to invest in security to stay in business

Organisations should prioritise security above all else or be prepared to struggle to stay afloat if a security breach exposes customer data, warns security firm Trend Micro. The company mentioned the recent Ashley Madison dating website hack as one case where individuals, especially married ones, might be expected to be unhappy to be outed as customers.

"It's about protecting private, personal details and a reputation. When personal details of this nature become public, this opens up the breach victims to blackmail and extortion—at the very least, they could expect situations that involve Internet shaming and awkward explanations," the company noted in a statement.

According to Trend Micro, there are many other companies which need to focus on security to the nature of their business: 

Online retailers such as Lazada, Zalora, Taobao, or basically any company which sells anything online
"Customers want to have the ease of being able to shop online without being at risk of having their personal details exposed and stolen. With multiple transactions involving credit card details and banking information, it’s a gold mine for cyber attackers," the company said.

Cloud storage and sharing services - DropBox, iCloud 
Anything gets saved on these services, including confidential data. "Ensuring server security and providing secure processes such as two factor authentication reduces the risk and increases security for data storage. Similarly, let’s not forget that users also have to play their part in being savvy on having hard-to-guess passwords and so on," Trend Micro commented.

Messaging services - Line, WhatsApp, WeChat, and email services - Gmail, Yahoo, Outlook.com 
Eavesdropper alert - what if private conversations were made public? While messaging services need only worry about hackers stealing conversations or customer information, breaching email is the jackpot. Besides being a source of confidential data and conversations, email is often a method of authentication, and a common way of getting phished. Trend Micro’s 2014 Roundup Report Magnified Losses, Amplified Need for Cyber-Attack Preparedness showed an 88.65% increase in the volume of phishing sites in 2014, so the danger is worse than ever before.

"It’s on both the business and the user to provide and understand security measures that should be taken. Being cautious to targeted attacks such as phishing scams is one example," Trend Micro said. 

"Companies that hold the personal data of their users need to go above and beyond what regulations call for, to reassure their users that they are doing all they can to protect their users."