Data Breach Trends

By Henry Bagdasarian

Data breach trends are usually derived from known security incidents which have been reported by companies and others. Unless incidents are discovered and reported one way or another, data breach trends can not be established because incident details such as vulnerabilities and types of attacks may not be available to analyze trends.

Although some data breach incidents are never discovered by companies where the incidents occurred due to the lack of active monitoring, or reported in order to avoid media and public scrutiny, there is some indication that the overall security posture of companies has improved resulting in less incidents however, when incidents occur, they are likely to have a greater impact and be highly publicized.

Often, excess accumulation of consumer data and lack of security controls to prevent repeated cases of data breach incidents such as unencrypted laptops and removable media create problems for companies. For example, security incidents which do not result in the loss of personal data rarely receive the high publicity that personal data breach incidents normally receive.

Due to the repeated nature of some incidents, it appears that some companies do not learn from their mistakes or incidents which have occurred in other companies. Let’s take a moment to explore and analyze the data breach trends based on available information to better manage these risks going forward.

Common Data Breach Trends

1. Companies are encouraged and even more comfortable with reporting their data breach incidents. Most security incidents are self-reported by the affected companies which are also encouraged by governments to report incidents in exchange for reduction or elimination of fines and penalties. This voluntary reporting is meant to encourage information sharing and collaboration in the fight against security breach incidents.
2. Schools appear to be easy targets for hackers which account for about 20% of all reported security incidents. One reason why schools are great places to steal identities and commit identity fraud is that there is plenty of personal information.
3. Company insiders continue to contribute to information theft. The insider conspiracy and collusion with outsiders is the easiest and cheapest way to steal an organization’s information assets including personal information of employees, students and customers. It’s especially easier to convince an insider to commit an illegal act when the economy is bad and extra cash can come in very handy. Knowing this fact, it’s even more important to monitor employee activities as well as system activities to detect suspicious download of information during unusual business hours. Some companies even monitor employee credit files to detect unusual and inconsistent lifestyles when compared to the employees’ job junction and salary within their organization. The insider factor may typically be less of an issue for educational institutions because they do a better job at screening their employees and completing background checks than some other industries due to the nature of their business and long standing history.
4. The incidents appear to be linked to organized crimes. More and more, organized groups seem to be behind the biggest identity crimes whereby specialized skills are acquired and used to commit crimes. Such criminal plans may require the skills of a technical person to penetrate the systems and steal the information, or a seller to find buyers and close deals. Experienced identity theft criminals understand the financial value of personal information and sometimes they combine their collective skills to organize a profitable business. Identity theft is not a new business trend but rather an evolving old business which leverages valuable targets.
5. Human error is the single largest cause of data breach incidents. Yes, human error can be the single largest cause of many disasters and not just security incidents, and yet the easiest and cheapest to prevent. Most often, employees are not aware of company policies OR fail to follow the rules thus jeopardizing the security of their organization’s information assets. It’s very important to educate employees regarding company policies and consequences of violations, and then monitor to ensure compliance with prescribed directives.
6. Bad economy and recession contribute to the security incidents. People are more inclined to commit fraud and illegal acts when they are most desperate. Companies and individuals alike must be extra careful during bad economic times to protect their identities.
7. Lost laptops and removable storage media are major causes of security incidents. Why? Because they are sometimes not encrypted. Laptops and removable storage devices are great creations which allow us to easily transport data but the problem arises when such devices a) can be easily lost or stolen, b) are not encrypted, and c) are widely used.
8. Computer hackers use advanced tools to locate and exploit system security vulnerabilities. This is one of ongoing data breach trends which continues to evolve and must worry organizations which are behind in the technology spectrum. Advances in technical hacker capability can only be countered with similar or better counter threat knowledge, skills, and systems.

Finally, paper breaches are down significantly but still account for about 20% of all security incidents. This data breach trend confirms that our information protection efforts must not be solely focused on information technology risks.

The battle against data breach incidents must be primarily fought through risk assessments, continued monitoring of external data breach trends and causes, policies and procedures, compliance monitoring, education, and training. A consistent national strategy must also be deployed and enforced to improve the security climate which is what the European Data Protection law is intended to do.

Train and certify your employees to eliminate data breach trends.