Widespread Cybersecurity Weaknesses May Affect Consumers: Report

A new report warns that cyber security weaknesses are common among both businesses and consumers, as both groups appear to be largely unprepared for the threat of security hacks. 

The Ponemon Institute and Resilient Systems recently published a report, “The Cyber Resilient Organization: Learning to Thrive Against Threats”, which surveyed more than 600 IT and IT security professionals about cyber threats. It found that some of the biggest cyber security weaknesses that affect companies and may also affect consumers include human error, not being prepared for a cyber attack, being unprepared to respond to an attack, not having efficient backup systems, and not having technology that offers advanced warning about threats.

In the report, Ponemon focused on what they call “cyber resiliency,” or the capacity to maintain integrity during cyberattacks. The report highlighted ways organizations and individuals may be vulnerable to attacks, as well as ways to protect their cyber security.

Did You Know?

Change Healthcare Data Breach Impacts Millions of Customers

A massive Change Healthcare data breach exposed the names, social security numbers, medical and personal information of potentially 100 million Americans, which have now been released on the dark web. Lawsuits are being pursued to obtain financial compensation.

Learn More

About 60% of IT professionals surveyed indicate that their organization did not having technology that offers advance warning of an attack, which can put both companies and consumers at risk.

Only 25% of professionals surveyed said their organizations cyber resilience was high. About 66% said their organizations weren’t prepared to recover from a cyberattack. With a large number of organizations unprepared, the report indicates many consumers may also be ill prepared.

More than half of the organizations surveyed said they experienced a data breach in the past two years, causing the loss of more than 1,000 records containing sensitive information. These incidents can be costly and time consuming for both organizations and consumers, with an average cost of $4 million.

Only about 30% of organizations surveyed said they were adequately prepared to recover from a cyber attack. Nearly 70% of organizations surveyed said they spent the same time or more this year, compared to last year, dealing with cyber security incidents.

Some of the biggest cyber security threats facing both organizations and consumers, include exploiting existing software vulnerabilities, which is done in 86% of attacks, malware is used in 69%, and spear phishing, the use of fake emails that appear to be from an individual or business the victim knows, is used in 56% of attacks.

IT professionals advise that reducing cyber attack risks starts with data awareness. It is important to know how exposed your are to an attack before you can know how you can lower your risk. It’s also important to establish an automated alert mechanism for suspicious activities.

The dangers of weak passwords have been proven from prior attacks, according to IT professionals. Changing your password frequently and using more sophisticated passwords is important.

Some of the key barriers to proper cyber security resilience was insufficient planning and insufficient risk assessments. The top three security technologies to improve cyber resilience include identity management, incidence response, and intrusion detection.

More than half of respondents to the questionnaire rated the value of cyber resiliency as essential to achieving strong security.

0 Comments

Share Your Comments

I authorize the above comments be posted on this page*

Want your comments reviewed by a lawyer?

To have an attorney review your comments and contact you about a potential case, provide your contact information below. This will not be published.

NOTE: Providing information for review by an attorney does not form an attorney-client relationship.

This field is for validation purposes and should be left unchanged.

More Top Stories

MDL Judge Schedules Ozempic Lawsuit Status Conferences Throughout 2025
MDL Judge Schedules Ozempic Lawsuit Status Conferences Throughout 2025 (Posted 2 days ago)

With the first Ozempic lawsuit bellwether trials not expected to begin until at least late 2026 or early 2027, the court will address motions to dismiss and other “cross cutting” issues in 2025.