IT security is fundamental to achieving business objectives—which means that understanding and managing IT risk is also fundamental to achieving business objectives.
British Airways’ experience described in this article underscores that cybersecurity is important, and Canadian entities preparing for mandatory security breach reporting and notification coming into force soon can take lessons from British Airways' response to a security breach.
The malevolently-inclined are getting more ambitious (a 2014 study by the Ponemon Institute that evaluated security-breach costs in the retail sector suggests that average size of a breach is about 30,000 records) and more damaging (average loss is now about $105 per stolen record). The same study estimated that the average cost of a cyber-crime for the retailer is about $3.15-million. These are average numbers only: recent large-scale retail breaches have involved records in the millions, with costs similarly increased. Although the article was written before the holidays, the tips provided are still very useful to manage the risk of security breaches.