4.1 Billion Records Compromised
Despite the growing cybersecurity awareness, better security budget allocation, and best efforts by business leaders and their cybersecurity teams, the rate of successful cyber attacks seems to be growing at an alarming pace.
Just recently, Risk Based Security released its 2019 MidYear QuickView data Breach Report which highlights the startling number of data breaches that have already occurred during the first half of 2019. The numbers are an astounding 50% higher than the stats from the first half of 2018. As a result of the 3,816 data breaches that have occurred in 2019, about 4.1 billion records were compromised. Surprisingly, only the top eight of those data breaches involved 3.2 billion of the 4.1 billion total compromised records. These stats are especially shocking considering a great number of data breaches still go undisclosed.
Cybersecurity Isn’t for the Giants Only
The report indicated that 67% of the reported breaches occurred in the business sector. This means that the business sector alone accounts for 84.6% of the exposed records. The fact is that not all data breaches make headlines. For every big data breach that impacts an industry giant and compromises millions of records, there are hundreds of small but successful cyber attacks carried out by ‘script kiddies’ on small firms with weaker security. Most of the data breaches end up exposing even less than 10,000 records. But whether it’s a few hundred or a couple of billion records, compromised user data almost always results in a tarnished reputation and lost business. It is altogether wrong for business leaders to assume that they are too small to attract cybercriminals.
Healthcare and Financial Institutions Remain Vulnerable
As expected, the current year was bleak for healthcare and finance as well.
In healthcare, Quest Diagnostics faced a data breach compromising 12 million patient records. The very next day, the same breach impacted LabCorp as well, leaving 7.7 million records exposed.
In the finance sector, Desjardins, Canada’s largest credit union, had 2.7 million individual and 173,000 business records stolen. It was Desjardins’ own employee who stole huge volumes of personal and sensitive data. All in all, there were 224 breaches in the healthcare department and 183 in the finance department. These stats reiterate the importance of investing resources in cybersecurity in these sectors specifically.
The Insider Threat is Real
Insiders remain one of the most common threat actors causing about 60% of the data breaches in the first half of 2019. From incorrect disclosure to wrong recipients, employee negligence remains one of the leading causes of security incidents. Responding to phishing attacks is also a major challenge that organizations, across industries, need to overcome.
While organizations focus on the external threats, it’s all too easy to forget the enemy within. Whether it’s negligence or malicious intent, insiders can cause a serious threat to an organization’s integrity. To deal with the insider threat, business leaders must invest in cybersecurity awareness trainings along with the latest security tools and technologies.