EDITOR’S QUESTION
////
/////////////
doing enough to act on vulnerabilities that
could be detrimental to their reputation.
Only 58% of businesses have taken action
towards implementing five or more of the
government’s 10 Steps to Cyber Security. In a
GDPR world in which the average business is
aware of data security best practices and look
to partner with businesses they trust to help
them prevent attacks, it is vital companies
have the ability to demonstrate verifiable
processes they take to secure their software.
R
eputation is an immeasurable
asset to any company. A survey
by Gemalto of 10,000 individuals
found 70% would stop doing business with
a company that had experienced a data
breach. Not only does it increase sales and
aid with employee retention, it also impacts
a company’s valuation and plays a vital
role in the level of customer trust created
through a brand’s identity.
A data breach can represent a critical
failure of trust among investors, employees,
partners and customers. With approximately
30% of all breaches occurring as a result
of a vulnerability at the application layer,
software purchasers are demanding more
32
INTELLIGENTCIO
insight into the security of the software they
are buying.
As cyberattacks increase, there remains
a lack of training on secure coding that
can help companies mitigate against
vulnerabilities that can lead to breaches. We
also need to educate companies on how
they can reduce their security debt and that
they are within their rights to demand the
security of software they are interested in
purchasing. After all, the software supply
chain in use at any company represents
significant risk.
Although cybersecurity incidents make
headlines daily, companies still aren’t
According to a report by Bitglass that
analysed the top three breaches of the
past three years, publicly traded companies
suffered an average drop of 7.5% in their
stock values and a mean market cap loss of
US$5.4 billion per company. In addition, it
reportedly took 46 days, on average, for those
stock prices to return to their pre-breach levels.
To date, the stock price of Equifax has not yet
recovered from its breach.
No matter how sophisticated your security
posture is, everyday cybercriminals find new
ways to launch attacks. Companies need
to be prepared to act when a breach does
occur by following best practices, including
taking steps to make their code as secure
as possible. The way a business proactively
prepares to prevent a data breach directly
impacts the reputation of a company, not
only in the eyes of the customer, but also
prospective customers and even employees.
www.intelligentcio.com