Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Be prepared. Or if you’re the majority of companies in North America…don’t?
A new data analysis from the Cybernews Business Digital Index found that 65% of North American companies scored a D or worse on cybersecurity protections, a damning statistic that points to how underprepared businesses are. The breakdown—31% scoring a D and 34% scoring an F—is concerning, all the more so when you consider that only 7% scored an A. Of Fortune 500 companies analyzed, a staggering 84% scored a D or worse.
Vincentas Baubonis, Cybernews head of security research, told IT Brew that while the numbers aren’t good, the findings of the analysis may lead to positive change. While it’s not the responsibility of Cybernews to provide solutions—Baubonis noted that they focus on analysis of publicly available data—he suggested an internal audit, and that companies look at the index as a resource.
“Hopefully, for the next year we’ll see more companies in the A grade, because it’s definitely achievable,” Baubonis said.
Checking in. Data breaches in 2024 reached major companies, including Meta, Fortinet, JPMorgan Chase, and others. As IT Brew reported in September, governments around the world are taking action, levying fines and establishing regulations to enforce data privacy guidelines that aim to ensure the security of information.
“The enforcement that we’re seeing happening around data privacy is probably two, three years ahead of what we’re likely to see in how the cyber rules are being enforced,” NCC Group Head of Government Affairs Katharina Sommer told IT Brew at the time.
Cybernews found that breaches were due in large part to reused passwords and easily accessible domains. Companies that have already had their data exposed, Baubonis told IT Brew, are in the unenviable position of already being targets—and the data, or at least information about the attack, is likely going to stay online for some time. The key is to ensure attackers aren’t able to breach again by pursuing security measures.
“While you cannot delete the data breaches that you had from the internet, you can always prepare more,” Baubonis said.