About 21% of companies use cloud providers to store and retrieve data. Of those, only 54% have an incident response plan for cyber breaches, including the theft of confidential customer information, according to Chubb’s 2013 Private Company Risk Survey.
“This is surprising in light of the fact that a large number of these firms have been sued in recent years by employees, customers, government agencies and other parties,” said Tracey Vispoli, senior vice president and specialty insurance global customer segments leader with Chubb.
While individuals and businesses continue to embrace the convenience of technology, it is also causing people greater concern.
“In general, everyone in the Information Age tends to think data is an asset and that if you can collect it, then you should, because it’s cheap to store,” said Marilyn Prosch, associate professor at Arizona State University. “If you don’t need it, then don’t collect it, and only keep what you need for the required amount of time.”
According to the Travelers’ Consumer Risk Index, 64% of individuals cite personal privacy loss or identity theft as a significant concern.
“Since the release of Zeus malware in 2007, electronic funds fraud has become common,” said Dr. Ken Baylor, research vice president with NSS Labs, which tests firewall products and network security devices.
Electronic funds transfer fraud involves fraud crews, often based in ex-Soviet Republics, who scour LinkedIn for finance directors at companies and send them legitimate-looking emails about compliance and fraud. “Once the email is opened, the malware installs and accesses electronic transfer data,” Baylor toldMainStreet.
For the individual, electronic transfer fraud is less common because consumers can move small amounts of cash but not much more and banks tend to reimburse consumers under Regulation E, which refers to the Electronic Fund Transfer Act that was passed by Congress in 1978 and implemented by the Federal Reserve Board.
“Ideally, companies with which you do business, including financial institutions, use dual authentication and tokens to preserve the securityof accounts,” said Linda Kornfeld, partner in Kasowitz, Benson, Torres & Friedman in Los Angeles.
Other ways to lessen chances of cyber fraud include:
- 1. Think before you share information with any site or person on the Internet.
- 2. Be informed by doing your homework and reading privacy policies.
- 3. Never log in to online banking sites from public networks at hotels, coffee shops, airports, etc.
- 4. Use different passwords for finances than for social networks and games.
- 5. Protect home computers by closing home networks. Otherwise, neighbors or their visitors and other strangers can gain access.
- 6. Only give out social security numbers on a secured network. Look for https not http.
- 7. On social networking sites, such as Facebook, switch all privacy settings to friends only. “Technology has changed so rapidly that it will take a while for controls to catch up but data minimization is the way we are moving,” Prosch said.
- 8. Do not answer 20-question lists on social networking sites.
- 9. Periodically, review credit reports from credit bureaus, such as Experian.
- 10. Do not allow children to have the location-based options activated on their mobile devices, including portable game devices.