By Bryan Beatty, CFP®
Egan, Berger & Weiner, LLC
Black Friday. Since the start of the Macy’s Thanksgiving Day Parade in 1924, the Friday after Thanksgiving has been known as the unofficial start to the holiday shopping season.
The “black” harks back to days when accounting records were kept by hand—red ink indicated a loss, black a profit.
Due to the sluggish economy in recent years, this shopping day has become increasingly important to the retail industry.
While this year’s massive hacking scandal at Target, which compromised more than 40 million customers, may not have resulted in us shopping less on Nov. 29 and in the weeks that followed—it has increased our awareness about credit protection. In fact, experts believe Target experienced one of about 600 publicly disclosed data breaches in 2013.
The good news is that there are several things you can do to protect against a breach.
1. Consider using a credit monitoring service. The top 10 services can be found at stopcreditfraud.org. I personally use Lifelock.com, which monitors my credit rating and warns me when credit is attempting to be established in my name. The service can also alert you to dramatic changes to your credit score and personal information.
But is that enough? I don’t think so.
2. Further protect your credit and personal finances from unwanted intrusion or fraud by doing the following:
- Get a password program manager like Password XP, or other password managers recommended by PC magazine.
- Use different passwords for each website you subscribe to.
- Be careful not to write down your passwords in a spot where someone else can find them. Fortunately, a password manager makes that much easier. But if you opt not to use a manager, and must write down your passwords (after all, it’s virtually impossible to remember them all), don’t keep them in your desk drawer at work, or in your wallet.
- Invest in virus-protection software. My two favorites are McAfee and Norton. The reality is that new spam and phishing emails and programs are created every day, so it’s important to protect your computer and data from hackers.
3. Protect the credit of your college students. For kids away at college, consider getting them re-loadable debit cards. It’s a great option for students who tend to lose things, or who might be the victim of a campus crime.
4. Check your credit file at least once a year, especially if you choose not to subscribe to a credit monitoring service. Three companies, which we link to below, offer this service and are required by law to provide a free credit report on request once per year.
Another option: You can pay a small fee for a service that pulls all three files and provides you with your credit score, which is commonly referred to as your FICO Score. (This number accounts for a substantial portion of the credit report that lenders use to assess an applicant’s credit risk and determine whether to extend a loan.)
The bottom line: Crime happens. For proof, scroll down for our sidebar—courtesy of Ponemon Institute and Symantec—on how data breach costs companies around the world.
Data aside, the takeaway message is this: Please, don’t be naïve. Use common sense, and be cautious when using your credit cards to shop online and in stores. Knowing how to navigate the fraud-protection terrain gets you a leg up on protecting your identity—and your hard-earned money.
Questions? Contact Bryan Beatty at email@example.com.
What Is the Cost of Data Breaches?
We all know that data breaches are a reality, but just how much do they cost companies around the world?
The eighth annual benchmark study examines the costs incurred by 277 companies in 16 industry sectors after those companies experienced the loss or theft of protected personal data. The report examines a wide range of business costs, including expense outlays for detection, escalation, notification, and after-the-fact (ex-post) response. It also analyzes the economic impact of lost or diminished customer trust and confidence as measured by customer turnover or churn.
The following are the most salient country differences measured in US dollars:
The most and least expensive breaches: German and US companies had the most costly data breaches ($199 and $188 per record, respectively). These countries also experienced the highest total cost (US at $5.4 million and Germany at $4.8 million). The least costly breaches occurred in Brazil and India ($58 and $42, respectively). In Brazil, total cost was $1.3 million, and in India it was $1.1 million.
Size of data breaches: On average, Australian and US companies had data breaches that resulted in the greatest number of exposed or compromised records (34,249 and 28,765 records, respectively). On average, Italian and Japanese companies had the smallest number of breached records (18,285 and 18,237 records, respectively).
Causes of data breaches: German companies were most likely to experience a malicious or criminal attack, followed by Australian and Japanese companies. Brazilian companies were most likely to experience breaches caused by human error. Companies in India were the most likely to experience a data breach caused by a system glitch or business process failure.
The most costly malicious and criminal attacks: Consolidated findings show that malicious or criminal attacks are the most costly data-breach incidents in all nine countries. US and German companies experience the most expensive data-breach incidents, at $277 and $214 per compromised records, respectively. Brazil and India had the least costly data breaches caused by malicious or criminal attackers, at $71 and $46 per capita, respectively.
Factors that decrease the cost: US and UK companies received the greatest reduction in data-breach costs by having a strong security posture, an incident response plan, and appointment of a Chief Information Security Officer (CISO). The US and France received the greatest cost reduction from the engagement of consultants to support data-breach remediation.
Factors that increase the cost: US companies realized the greatest increase in data-breach costs if caused by a third-party error or quick notification of data breach victims, regulators, and other stakeholders. UK companies had the greatest increase in the cost of a data breach if the incident involved a lost or stolen device.
Countries that lose the most customers following a data breach: France and Australia had the highest rate of abnormal customer turnover or churn following a data breach. In contrast, Brazil and India had the lowest rate of abnormal churn. In the context of this study, abnormal churn is defined as the customer turnover caused by the data breach (above the churn experienced in the normal course of business).
Countries that spend the most and least on detection and escalation: On average, German and Australian organizations spent the most on such detection and escalation activities as investigating and assessing the data breach ($1.3 million and $1.2 million, respectively). Organizations in India and Brazil spent the least on detection and escalation, at $359,406 and $358,478, respectively.
Countries that spend the most and least on notification: Some typical notification costs include IT activities associated with the creation of contact databases, determination of all regulatory requirements, engagement of outside experts, and other efforts to make sure victims are alerted to the fact that their personal information has been compromised. US and German organizations on average spent the most ($565,020 and $353,927, respectively). Brazil and India spent the least amount on notification ($53,063 and $22,232, respectively).
To download the entire report, visit www4.symantec.com.
Information reprinted with permission from Ponemon Institute, ww.ponemon.org, which conducts independent research on privacy, data protection and information security policy. It is the parent organization of the Responsible Information Management (RIM) Council, whose members represent a cross-section of Fortune 500 companies and are champions of privacy and data protection in their organizations.
Bryan Beatty is a CERTIFIED FINANCIAL PLANNER™ Professional and partner at Egan, Berger & Weiner LLC, which is based in Northern Virginia. With more than 20 years of experience in the financial industry, he is a principal of this independent financial services firm, which is experienced in all aspects of investment and retirement planning.
An active member of the Financial Planning Association’s Career Development and College Outreach Committees, Beatty is a graduate of the University of Maryland with a BS in Finance. He was the former president of the Finance, Banking and Investment Society, and he is an avid musician who plays guitar and writes music in his spare time, and occasionally plays area venues.
Originally from Baltimore, Beatty has lived in Northern Virginia since 1992.