Data security is a hot topic for all businesses. In his first blog of three, Scott Hluhanich explains how security incidents are on the rise and discusses how much these incidents are costing businesses.
In the 2015 US State of Cybercrime Survey, a record 79% of respondents said they detected a security incident in the past 12 months. On average, respondents reported 163 security incidents per organization, an increase from 135 incidents in the year before. This translates to over three incidents per week every week for the entire year. The problem is so prevalent that Gartner predicts that the typical IT organization will spend 30% of its budget on risk, security, and compliance, and will allocate 10% of their people to support these functions this year.
With insider threats emerging as one of the biggest risks to corporate data, employees are arguably the greatest security risk to modern businesses. Whether maliciously or accidentally, staff are still the most likely to cause the most damage during a security breach.
Security breaches cost millions
In 2014, a contractor working for DuPont was found guilty of stealing trade secrets for the manufacture of titanium dioxide, a white pigment used in paper, paint and plastics, and selling them to a competitive Chinese company for $28 million.
This security breach followed several others including the Korean company Kolon Industries Inc.’s attempts to steal trade secrets related to the manufacture of Kevlar®. In 2006, a former DuPont employee accessed and downloaded confidential information estimated to be worth $400 million in the five months before he left for a rival company. ,
A former Dow Chemical Co. research scientist was sentenced to five years in prison for stealing trade secrets and selling them to Chinese companies.
In 2017, Incyte’s director of pharmacology resigned and, in the three months that he continued to work at Incyte, collected clinical trial data that he took his new company, Flexus Biosciences, which was then acquired by BMS for an astounding $1.25 billion. According to court documents, the director provided Flexus details about the molecular structure of Incyte’s IDO-1 inhibitor. Incyte is embroiled in a lawsuit worth $2 billion.
At IDBS, we understand the importance of data security. Vendors of Software-as-a-Service (SaaS) can provide a much higher level of security than standard enterprise IT infrastructure, while also providing the added benefit of data/disaster recovery.
 “Cybersecurity Takes Center Stage yet Progress is Interrupted, finds 2015 U.S. State of Cybercrime Survey”, http://www.pwc.com/us/en/press-releases/2015/cybersecurity-takes-center-stage.html
 “Gartner: IT should simplify security to fight inescapable hackers”, http://www.networkworld.com/article/2989273/security/gartner-it-should-simplify-security-to-fight-inescapable-hackers.html
 “Key findings from the 2013 US State of Cybercrime Survey”, PwC, pg 9
 “California Man Guilty of Stealing DuPont Trade Secrets”, http://www.bloomberg.com/news/articles/2014-03-05/california-man-guilty-of-stealing-dupont-trade-secrets
 “Kolon Guilty in Kevlar Secrets Case, Settles With DuPont”, http://www.bloomberg.com/news/articles/2015-04-30/kolon-pleads-guilty-in-360-million-deal-as-dupont-suit-settled
 “The 2007 Security Hall of Shame”, http://www.computerworld.com/article/2538037/security0/the-2007-security-hall-of-shame.html
 “Ex-Dow Scientist Gets 5-Year Term for Trade Secret Theft”, http://www.bloomberg.com/news/articles/2012-01-13/former-dow-research-scientist-sentenced-to-60-months-in-prison
 “Incyte seeks billions after worker allegedly walks off with cancer drug secrets”, http://www.delawareonline.com/story/money/business/2017/10/13/incyte-cancer-drug-conspiracy-lawsuit/755033001/, accessed Oct. 17, 2017