Jason Albuquerque
Chief Information Officer & Chief Security Officer | Carousel
Did You Know? 2019 is the Year of Carousel Security Excellence
As we look to appreciate and celebrate Data Privacy Day 2019, I’d like to first take a moment to recap the state of the industry in 2018. Overall, there was great progress, though at the same time there were an incredible amount of breaches, threats, and scandals that hit the news. From the introduction of GDPR to the millions of consumers affected by breaches and identity theft, 2018 was as interesting as it was eventful. It’s estimated that just in the first half of 2018, more than 4.5 billion records were compromised by unauthorized parties. These stats don’t even begin to cover the millions of records stolen by threat actors in the second half of the year, of which we are still waiting for official numbers to be released. 2019 is poised to exponentially outpace 2018.
Looking Ahead: Carousel’s Cybersecurity Center of Excellence
2019 predictions point to more data breaches, cyber threats, exposures, and leaks. In anticipation, we at Carousel have doubled down on our commitment to our clients by taking a “Secure by Design” approach in all that we do—from our managed services philosophy to our deeply ingrained employee security mindset.
From a customer perspective, we aim to reduce the number of vendors in which they can possibly be exposed. Because we have technology across the IT stack, many of our clients use Carousel as the single IT services and solutions provider. Managing the risk of outside vendors is top of mind for every CEO, CISO, and CIO today. In a recent study by Ponemon Institute, the number of companies that suffered a data breach because of third party vendors increased from 49 percent in 2016 to 61 percent in 2018. Even worse, third-party data breaches over a 12-month period increased from 34 percent to 45 percent in 2018. In essence, attackers are targeting partners and vendors to gain access to their targets. The moral of this story is that if the security and data management processes of your technology partner are not comprehensive, consistent and compliant, then neither are yours.
This is why Carousel’s diligent focus on secure operations and secure service delivery is of the utmost importance. Over the course of this year, you will see initiatives highlighting Carousel’s journey to operational maturity making us a true Security Center of Excellence and a model for our clients. Additionally, we are arming our teams with ongoing security education so that they are best equipped to serve as your partner in knowledge and consultation on pressing security trends and threats.
Leveraging our Center of Excellence philosophy, we will model the way, giving our customers the confidence that we are an organization that is cyber-resilient, responsible, and ultimately their trusted partner.
Security is a shared responsibility and we view all of our team members are as cyber warriors! I look forward to sharing more updates throughout the year as we continue to evolve our security strategy. Happy Data Privacy Day!
The threats facing companies today are more complex than they were even a few years ago. Ransomware, for example, used to be considered an annoyance. But hackers have upped their game. The latest generation of ransomware attacks have caused businesses and government entities not only significant financial harm, in some cases they’ve brought operations to […]
As we look to a post-pandemic world, one of the areas of investment we can expect to see is in building resilience to destructive type attacks. 2020 saw a record number of distributed denial-of-service (DDoS) and ransomware attacks, which is only expected to continue through the rest of this decade. Many organizations are now looking to the […]
In an earlier post we looked at typical headcount costs and other expenditures to build and maintain the full scope of cybersecurity capabilities in-house. Those figures often put a completely internal team out of reach, but the good news is that a strong cybersecurity strategy doesn’t need to be an all-or-nothing effort. Here we’ll explore […]
No matter the size, industry, or location, nearly every company today has a cybersecurity strategy. But there are many methodologies your organization can use to protect its digital assets and determining the right approach for your business means balancing your desired cybersecurity posture against your resource availability of staff and money. Given the evolving threat […]