Despite the fact that the number of data breaches and damage caused by them continues to rise, organizations are becoming complacent.
"Companies are becoming more and more complacent about dealing with data breaches," he says. "We've become anaesthetized. We know there isn't a long-term impact on stock price."
In the short term, he says, a massive data breach may cause you to take a hit in the market, but if you can ride that out, the long-term effect on your stock price is likely to be nil. Still, groups like the European Union are coming out with regulations around personally identifiable information (PII) backed up by fines with teeth. New developments in legislation and regulations are likely to catch your organization out unless you shake off the complacency.
ISF recommends reviewing all potential jurisdictional liabilities based on the location and volume of data handled. It also recommends ensuring that liabilities for data breaches are clearly stated in supplier contracts.