Data breaches are a little like the flu: stomach churning, head splitting and without a foolproof way to prevent getting sick.
“It’s impossible to live in a bubble and do business,” says Greg Young, a security researcher at Gartner. “As long as you have technology and have people, you are at risk.”
But that doesn’t take businesses off the hook for good hygiene. Just like you and I still wash our hands, and even get a flu shot to try to avoid illness, companies have to do the same to avoid a breach.
“People still need preventive-type equipment and preventative-type devices,” says Josh Goldfarb with the cybersecurity company FireEye.
Now, he says, cybersecurity firms are looking beyond those basics. “They are realizing they also need to focus on the subject of detection and response.”
Cybersecurity is now the hand soap and the doctor and the Tamiflu.
But the new reality, that companies will get hacked and won’t always get treated quickly, means there’s a growing business cleaning up messes.
Robert Shaker, from the cybersecurity firm Symantec says the cyber insurance market is growing quickly.
“Some companies don’t currently have a cyber insurance department are creating them. Customers are flocking to brokers to for this kind of coverage.”
And, no doubt, coughing up some cash to pay for it.