A recent survey conducted at the Black Hat USA 2014 security conference in Las Vegas, Nevada, last month showed the dwindling impact of Target’s infamous data breach in both security awareness for company executives and their security budgets.
Survey respondents were asked which security event had a greater impact on their budget and executive security awareness of cybersecurity: Target’s data breach, the Snowden leaks or the increase in targeted threats.
Key findings from the 215 conference attendees surveyed include:
- 42 percent said the Target breach had a greater impact on their security budgets.
- 31 percent said the Target breach had a greater influence on their executives’ security awareness.
- 22 percent said targeted threats had a greater impact on their security budget.
These results represent a significant drop in awareness since the same questions were asked at the 2014 RSA conference in February. At that time, 52 percent of respondents said the Target breach had a greater impact on their security budgets, and 56 percent said the Target breach had a greater impact on executive awareness.
“We all tend to be swayed by the most recent information security events,” said Dwayne Melancon, chief technology officer for Tripwire. “The responses to this survey are consistent with that behavior, and it’s a reminder that we all tend to relax our vigilance and become complacent over time.”
“Instead of focusing on the latest breach headlines, I recommend that each organization focus on the equivalent of the Target breach for their specific business,” said Melancon. “This approach helps to focus resources on events that would inflict the most brand and customer damage.”
Although the security awareness surrounding the massive breach has begun to fade, the retail giant is still struggling to recuperate nearly half a year after the incident. Earlier this month, Target released a statement announcing its second quarter financial results, including an expense of $148 million for breach-related expenses, as well as an estimated drop in revenue.