A study conducted by the Identity Theft Resource Center (ITRC) and DIG.Works shows that most victims fail to take action. The study surveyed 1,050 people.

This is an alarming finding. Failure to act leaves victims vulnerable to more attacks.

A Significant Gap Between Awareness And Action

  • 16% failed to take any action after receiving a notice of a breach. 
  • 97% didn’t freeze their credit after a breach notification.
  • 85% continued to reuse passwords.

Why Don’t People Act?

  • 26% felt that their data was already on the Dark Web, so why bother.
  • 29% waited for the responsible organization to act.
  • 17% did not know what to do—and didn’t bother to find out!
  • 14% thought the notice was a phishing scam.

What Can Companies Do?

  1. Use cyber-tools to do as much of the heavy lifting as possible. This means using EDR, SIEM, SOC, and MTR.
  2. Put IT Policies and Procedures in place, so employees know what to do.
  3. Watch over the network and address problems immediately.
  4. Establish a managed User Security Awareness Training program. Active management is vital, and non-compliance must carry consequences.
  5. Follow an established security protocol. NIST is one—there are others.
  6. Get cybersecurity insurance. Protect your organization from the financial impact of breaches.


I encourage everyone reading this post to download the study. It is a short read, but the implications are powerful.

Companies are battling not only criminals but also human nature. After all, it is easier to do nothing. Take action—now!

