We have all said it, heard it or read it, “The Year of the Data Beach has changed everything.” But what does that mean? While the security industry changes fast, people don’t and bureaucracy doesn’t—so how much has really changed?

4 ways the “Year of the Data Beach” is making change

The reality is, the year of the data breach hasn’t changed things as much as it is changing things. Real change takes time. But here are the 4 changes coming our way:

1. CEOs and company boards are recognizing their roles

After seeing Amy Pascal, Sony Pictures Co-Chairman, and Gregg Steinhafel, Target’s CEO, lose their jobs due to data breaches, CEOs and company boards are starting to understand that cybersecurity is their issue, too. They are realizing that a major breach is not just an IT problem; it is a problem that can destroy a careers and companies.

2. CIOs are getting more responsibility

As if CIOs weren’t busy enough, they now have the responsibility of keeping executives “in the know” about cybersecurity. Everyone is more concerned about how to protect company data and is (finally) ready to start taking the steps to do just that. So while it may be stressful to have to report to more people, more often about cybersecurity, those reports could lead to a bigger budget for more resources.

3. CIOs are reevaluating

As Don Baker, CIO with Mediaocean, said in an interview with TechTarget, “You can’t assume what you have been doing year to year for however long is sufficient in the world we live in today.”

A majority of CIOs in every industry, cite security breaches and cybercriminals as their top concerns, but only 21% of the IT decision-makers surveyed said they are truly confident in their system’s ability to mitigate the risk of security incidents. All of these concerns and realities are leading to a revaluation of security strategies.

4. Cybersecurity insurance is gaining popularity

And the price is skyrocketing. Two years ago most CEOs would have laughed at the idea of investing in cybersecurity insurance, but today, cybersecurity insurance providers are laughing all the way to the bank. Businesses are realizing that data breaches are a real threat and that insurance is just one of the many things they need to invest in to protect themselves.

The security world is changing. And while it’s not ideal that it took so many major breaches to get people to take notice, it’s promising to see that businesses are beginning to invest in cybersecurity.