Life’s a Breach: Dissecting a Year of Devastating Data Breaches
Several major data breaches thrust cybersecurity into the global spotlight in 2016. In the Asia-Pacific region, for example, cybercriminals stole 100 GB of government data from the Indian state of Kerala and made off with 300 GB of voter data in the Philippines. These are just two examples of high-profile data breaches that hit in 2016.
Leaked records include data such as credit cards, passwords and personal health information (PHI) that cybercriminals traditionally covet. However, IBM X-Force also noted a shift in fraudsters’ strategies: The attackers behind many data breaches in 2016 also sought unstructured data, such as email archives, business documents, intellectual property and source code.
Data Thieves Up the Ante
According to the 2017 IBM X-Force Threat Intelligence Index, more than 4 billion records were leaked in 2016. That’s more than the combined total of the previous two years. This is unprecedented and clearly shows that the bad guys are getting smarter and data breaches are becoming more devastating.
To put things into perspective, if we multiply the number of data records leaked in 2016 by the average cost per record breached in 2015 ($158), the losses can be projected at over $630 billion, per the 2016 Cost of Data Breach study. Organizations need to act fast and tighten their defenses.
Data breaches are prevalent across industries, but some are more at risk than others due to the sensitive nature of the data they handle. Based on publicly disclosed security events in 2016, the report revealed that the information and communications industries suffered more incidents and lost more records than any other sector.
Defend Your Networks Against Data Breaches
Attacks are growing more sophisticated and causing more damage than ever. All industries are being impacted, and threats from insiders are also on the rise. To assess risks and potential next steps, security leaders should ask themselves these three questions:
- Can I protect my network from bad guys?
- Can I detect intruders who attempt to access my network?
- Can I respond to an attack and quickly get back up to speed?
If the answer to any of the above questions is no, you need to look for an external organization that can orchestrate your defenses and help you build a security immune system.