In 2015, we saw more data breaches and larger data breaches than ever before with almost half of all organizations suffering at least one serious security incident / data breach in the past 12 months. IDC predicts that by 2020, more than 1.5 billion people, or a quarter of the world’s population, will be affected by data breaches. Given this state of affairs, one would assume that organizations would be wary to call themselves prepared.
The Association of Corporate Counsel (ACC) recently released its State of Cybersecurity Report giving a legal insider perspective to the current cybersecurity practices, prevention, protection and response standings at more than 800 organizations across 30 countries.
After several years of discussion, the Cybersecurity Act of 2015 was signed into law as part of the 2016 omnibus spending bill. The Cybersecurity Act of 2015 encourages sharing of cyber threat information between private businesses and the federal government. In addition to the sharing of threat information, the Act will require the federal government to release periodic cybersecurity best practices.
We know that 90% of organizations will suffer at least one security incident this year: no organization is immune. With the number of data breaches consistently on the rise, and the breadth and cost of those breaches rising as well, there is no question that data breach prevention is key for every organization. While it’s important to prevent and mitigate the damage from breaches, it’s just as vital to know that they have happened at all.
According to the ITRC, there were 277 reported data breaches in healthcare during 2015, which accounted for 35.5% of all data breaches recorded in the US last year. While the number of data breaches in healthcare came second to the business sector, the data breaches in healthcare nonetheless accounted for 67% of all breached records – over 112 million breached records.
In 2015, we saw more data breaches and larger data breaches than ever before. Shifts such as mobility, the cloud and even workforce composition have created an ever-expanding attack surface that continues to threaten corporate data. It’s now recognized that people are the root cause of most data breaches, as many as 90% of all breaches, either inadvertently or maliciously putting data at risk. The expansion of the attack surface through mobility, the cloud and even IoT has just increased the number of ways that “people” can put data at risk.
In the Worldwide Security 2016 Predictions, IDC predicts that by 2020, more than 1.5 billion people, or a quarter of the world’s population, will be affected by data breaches. We can already see that the large scale of recent data breaches has drastic effects that move beyond hard costs, affecting consumer trust and loyalty:
It’s safe to say that 2015 will be remembered as the year corporate data loss entered the mainstream. It seems like every week there was news around another major data breach or cyber attack. Indeed, throughout the course of the year many records were broken – and not in a good way. This year, there have been 766 data breaches affecting a total of 177,840,420 records, more than double the records breached in 2014. And that’s only the breaches we know about or whose numbers have been disclosed.