Reducing the Occurrence and Impact of Data Breaches through Strong Practices and Procedures
By Billie Elliott McAuliffe
From the news on television or stories on the Internet, it may appear that only large companies in certain
industries are the targets of hackers and the victims of data breaches. But, that is in no way true. No
company, no matter the size or the industry is safe. And, we are all the victims of these data breaches.
Ten years ago, most companies’ approach to cybersecurity and data breaches was reactionary.
Companies did not have adequate plans in place to handle breaches and executives were often
dumbfounded and caught unaware when a breach occurred. After a number of big players (e.g., Anthem,
Target, Equifax) fell victim to cyberattacks, more companies began to understand the need for robust
cybersecurity, business continuity and incident response practices and procedures. Despite this, many
companies are still lagging behind.
The Poneman Institute, in its 2018 Cost of Data Breach Study: Impact of Business Continuity
Management, which was sponsored by IBM, surveyed 477 companies in 13 countries that experienced