Mega-Breaches like eBay, PayPal, Sony unsettle users and let them chose the competition.
Besides direct costs (Sony= 172 Mio. $, ebay 130 m $ loss) disastrous damage to one’s reputation occur.
Trusted Shops security certificate is not meeting the legal minimum requirements.
Provider security level is becoming a decision criterion for customers.
Management staff implications
According to the German Law IT security is a top management responsibility which cannot be delegated.
If this obligation for executive care is neglected, personnel consequences are the result as well as personal liability applies.
Target’s CEO and CIO were dismissed following a theft of 110 m customer data sets.
Transport encryption often only encryption measure
Often the legal requirement to „use an encryption method accepted to be secure“ to protect stored personal data is not fulfilled.
Here legal consequences and a monetary fine are possible.
Purchasing conditions and supplier terms are most wanted information.
Sensitive data in a company is information used to be more successful than the competition. This information has to be protected.
Tight trade margins lead to tough price negotiations with suppliers. Competitors are especially interested in the outcome.
Periodical supplier negotiations are a central and vital management tool for trade companies. If supplier succeed in price agreements or know their supplier conditions the negotiations become complicated.
Customer data as target
Professional attackers steal confidential customer data to sell them or to blackmail the company.
Credit card data and payment information become increasingly interesting