A new survey published by Lookout, a mobile security firm in San Francisco, shows that certain hacking incidents spurred action far more than others.The survey asked 500 information technology workers, if they were familiar with recent profile hacks and, if so, if the incident had led to reviews or changes or their security protocols.
The 2014 Sony hack
The infamous case of North Korean hackers infiltrating Sony’s computers wrecking havoc with company files and emails—created the biggest chills among IT types. The survey reports that 93.4% of respondents were aware of the “hack of the century,”and that it led nearly all of them (92.2%) to review their security practices.
The 2013 Target Breach
The mother of all breaches. This disaster involved hackers exploiting a third-party payment vendor to steal millions of customers’ credit card and personal information. The episode hit Target in the pocketbook and contributed to the exit of its CEO. Thus, it’s no surprise it left an impression in security community: 86.6% of respondents said they had heard about it, and 69.1% decided to check security protocols in response.
The 2015 Office Personnel Management
This is technically the U.S. government, but it was still a doozy involving Chinese hackers who pilfered the identify and social security numbers of millions of federal workers. Among IT workers in the survey, it made a bigger impression than big corporate hacks like LinkedIn. While only 55.9% percent had heard of it, about two-thirds of them reviewed security in response. More generally, the report posits that IT workers are suffering “breach fatigue” because the take-action response has been declining for more recent incidents, such as those involving and the FBI, and the SWIFT financial transfer system.
Another interesting aspect of the survey is where the respondents directed their attention after hearing of one these breaches: employees’ use of mobile devices and weak password choices. (The focus on employees is perhaps no surprise given how many use their credentials in ill-advised ways—like signing up for dating sites).