By now, companies and consumers alike are well aware of the threat of a data breach. Large and small businesses across every sector have been targeted, and many customers are now familiar with the notification that their username, password or other details might have been compromised.
The unfortunate fact is that, despite efforts on the part of cybersecurity vendors and enterprises, the rate of infection and the vast number of threats continues to rise. Hackers are savvy and can adjust a sample just enough to fly under the radar of advanced security solutions. Worse still, once they’ve broken through the back door, cybercriminals can remain within systems and infrastructure for longer periods, stealing and snooping on more sensitive information in the process.
Today, we’re taking a closer look at the overarching environment of data breaches, including the stats and figures that demonstrate the size and impact of current threats, what takes place during and after a breach, and how enterprises can improve their protections.
By the numbers: Top data breach threats
There’s no shortage of facts and data when it comes to data breaches. According to current reports – including Trend Micro’s 2018 Midyear Security Roundup: Unseen Threats, Imminent Losses – some of today’s top threats include:
Mega breaches on the rise
Once an email recipient opens such a link or attachment, it’s akin to leaving the door wide open for intruders.
Current data shows that it takes an average of 191 days to even realize that a breach has taken place, according to Small Business Trends contributor David William. That’s about 27 weeks, or more than six months.
“This slow response to cyber-attacks is alarming,” William wrote. “It puts small businesses in a precarious position and demonstrates a dire need for cybersecurity awareness and preparedness in every business.”
Compounding this problem is the fact that the longer hackers are able to stay within business systems undetected, the more time they have to steal data and other sensitive intellectual property. This has contributed to a steep rise in mega breaches, Trend Micro research shows, which involve the exposure or compromise of more than one million data records.
Leveraging data from Privacy Rights Clearinghouse, Trend Micro researchers discovered that overall, there has been a 16 percent increase in mega breaches compared to 2017. During the first half of 2018 alone, 259 mega breaches were reported, compared to 224 during the same period in 2017.
Surprisingly, and unfortunately, the majority of these instances came due to unintended disclosure of data. Those that resulted from hacking or malware was slightly less, and a smaller percentage came as a result of physical data loss.
And, as researchers pointed out, the loss or compromise of data isn’t the only issue to be aware of here.
“There are substantial consequences for enterprises that are hit by data breaches,” Trend Micro researchers wrote. “Recovery and notification costs, revenue losses, patching and downtime issues, and potential legal fees can add up: A mega breach can cost companies up to $350 million.”
How does this happen? Typical steps within a data breach
One of the first things enterprises can do to bolster their security protections is to support increased awareness of data breach processes and what takes place before and during an attack.
In this way, stakeholders – particularly those within the IT team – can be more vigilant and proactive in recognizing security issues or suspicious behaviors that might point to the start of an attack.
As Trend Micro explained, there are several steps that most data breaches include:
Depending upon the business, the industry in which it operates and the type of data stolen, hackers will then either look to sell this information, or use it to support other malicious activity. Attackers will most often look for details like customer names, birth dates, Social Security numbers, email and mailing addresses, phone numbers, bank account numbers, clinical patient information or claims details.
“Hackers search for these data because they can be used to make money by duplicating credit cards, and using personal information for fraud, identity theft, and even blackmail,” Trend Micro stated. “They can also be sold in bulk in Deep Web marketplaces.”
The current breach environment is sophisticated and challenging for overall enterprise security. To find out more about current threats and how your organization can protect its most critical data and systems, connect with the security experts at Trend Micro today.