Ever since the internet emerged as a public information gateway, thieves and pranksters have been working to exploit it for criminal gain. Today, cybercrime is a billion-dollar industry. The perpetrators are no longer lone wolf hackers; they are multi-national cartels who reap mega-profits. They target companies large and small across all industries, inflicting devastating damage to their reputations and bottom lines.
Just last week, Uber disclosed that it paid hackers $100,000 to conceal a data breach affecting 57 million accounts, the latest in a string of scandals and legal problems for the world’s most highly valued start-up. The ride-hailing firm said it fired its chief security officer and deputy for their roles in the breach and the cover up.
Given the existential nature of the threat, it’s surprising to find that, according to a study by NCC Group, only 13 percent of CEOs are directly responsible for managing their company’s cyber risk. Many executives assume such things are the responsibility of IT staff. When hearing of a newswire report of a high-profile cyber-crime incident, they imagine “it can’t happen here.” Unfortunately, when it comes to cyber-crime, it can happen to any company and, sooner or later, almost certainly will.