Data Breaches on the Rise: How to Avoid Becoming a Statistic
Cyber crime statistics today are shocking… and there’s no end in sight.
The number of records exposed in data breaches rose from 822 million in 2015 to over 4.2 billion in 2016, according to the 2016 Data Breach Trends report.
An Identity Theft Resource Center (ITRC) report showed that U.S. companies and government agencies experienced 1,093 data breaches in 2016, a 40% increase over the previous year. But the ITRC said that many breaches are both under-reported and undiscovered.
Forrester Research predicted that healthcare breaches would become as large and common as retails breaches, and that breaches affecting tens of millions of people would become commonplace in the future.
2017 Data Breach Prevention
Here's how you can better protect yourself and your organization this year:
- Keep the Incident Response Plan current. Stay up-to-date about new and emerging threats. Share cyber threat information with your industry and national defence organizations.
- Strengthen password authentication. Cyber criminals are increasingly using information more than once. Since people often reuse their passwords, it’s possible that a company eventually becomes a victim of repeated unauthorized log-ins. Implement password best practices and utilize two-factor authentication.
- Back up data. With ransomware being forecast to be a top concern again this year, regularly back up all data and keep it in a separate place. According to Symantec, there was an average of more than 4,000 ransomware attacks per day in 2016, a 300% increase over 2015 numbers.
- Adopt EMV Chip and PIN technology. Criminals know there is a slow and uneven adoption of EMV technology, and they are focusing on payment-based attacks and targeting self-checkout terminals and smaller franchised retailers.
- Comply with international regulations. According to Experian, breaches involving the loss of international consumers’ data will cause significant damage in 2017. Stay up-to-date (for example, the new General Data Protection Regulation (GDPR) in the E.U. has a 72-hour breach notice requirement, and there are new regulations in Canada this year and possibly in Australia), and be prepared with processes.
- Provide on-going training. Target known breach risks caused by employee error with best practices. Phishing emails is a good example. Phishing emails try to trick employees into clicking on an email link or attachment so hackers can access the corporate network. A common ruse today is to make fake emails look like they’re from the chief executive officer or other high-level manager.
- Put a Mobile Security Policy in place. A Ponemon report showed that 67% of organizations reported having had a data breach as a result of employees using their mobile devices to access the company’s sensitive and confidential information.
- Securely destroy information that is no longer needed. In the 2016 Data Breach Trends report by Risk Based Security, lost, missing and stolen hardware devices and documents were in the top 10 of common breach types. Partner with a document destruction company that provides secure and complete paper and hard drive destruction services.
Learn how a comprehensive document management policy will protect your confidential information from creation to disposal, and help prevent a data breach in 2017.