Reviewing statistics for data breaches over the past few years, there is a worrying increase in the number of breaches and how quickly they’re happening.
In some areas there has been an almost 30% increase in data breaches over the last six months alone, and experts predict that the number of breaches may double by the end of the year.
In a study conducted by Identity Theft Resource Center and CyberScout (ITRC), comparing trends this half year with the same time period last year, they were understandably shocked by their findings…
ITRC’s president and CEO, Eva Velasquez, noted their shock at their findings:
“Frankly, I was surprised at how significantly the number of breaches has grown… We knew this was a trend, we knew that the thieves would continue to find this lucrative, but the sheer volume of growth has been really surprising.”
A “lack of respect” for cybersecurity
Adam Levine, chairman of data risk management at CyberScout, said his main concern is the lack of respect afforded to cybersecurity. As companies and organisations continue to ignore cyber risks, the numbers will probably continue to grow:
“That’s why the problem keeps getting worse and the number of breaches keeps going up and up and up. Most companies in this country still have not embraced a corporate culture where privacy and security are core values.”
Levin is right, and this doesn’t just apply to the U.S. Even here in the U.K we see entities of all shapes and sizes neglecting to prioritise cybersecurity.
The rankings for this half year in terms of sector were reportedly as follows:
- Business: 7%
- Health/Medical: 6%
- Educational: 3%
- Banking/Credit/Financial: 8%
- Government/Military: 6%
Statistics like these could provide an indication of sector priorities. Unsurprisingly, government and financial information is extremely sensitive and security should always be a top priority. Therefore, a lot of resources are often invested into making sure this information is kept safe and secure. Educational and health institutions reportedly invest less as their information can be seen as less valuable. Nevertheless, it doesn’t mean they can neglect cybersecurity.
Types of data breaches in statistics
According to ITRC and CyberScout, data breaches involving hackers and malicious intent reportedly take the top spot for “breach type”:
- Hacking: 63%
- Employee mistake: 9%
- Accidental web exposure: 7%
Employee mistakes and accidental web exposures have reportedly seen a slight decrease when compared to the same parameters last year. However, this could mean we are seeing an increase in hacking.
It’s not too presumptive to say that hackers and other cybercriminals are getting better and are acting out more attacks. In fact, we know that there are organised hacking groups who use the money they gain from hacks to reinvest in creating better software for future attacks.
The increase by 5% when compared to 2016 is certainly worrying.
Companies, organisations and even individuals need to start giving cybersecurity the respect it deserves. It’s a real problem that requires real action to prevent and mitigate the damage breaches cause.
Here in the U.K, the Information Commissioner’s Office (ICO) is tasked with enforcing data protection, and companies that choose ignorance over action can expect hefty fines and sanctions when data breaches occur.