Already this year, we have a plethora of reports and surveys covering data breaches and insider threats. Don’t have time to review them all? We’ve got you covered with this summary of key findings across 12 reports.
- Almost 58% of organizations that had security incidents over 2017 blamed them on insiders.
- 45% of respondents, whether or not they experienced a security incident, still see their own employees as the biggest threat to security.
- The majority of respondents have only partial visibility into what is happening in the cloud, and only 28% of organizations have visibility into IT staff activity.
Kaspersky Lab and B2B International studied over 5,000 businesses around the globe and found:
- 52% of businesses admit that employees are their biggest weakness in IT security.
- Most worry about employees sharing inappropriate data via mobile devices (47%), the physical loss of mobile devices exposing their company to risk (46%) and the use of inappropriate IT resources by employees (44%).
- In 46% of cyber security incidents in the last year, careless or uninformed staff have contributed to the attack.
- Among the businesses that faced cyber security incidents in the past 12 months, 11% of the most serious types of incidents involved careless employees.
- 28% have lost highly sensitive or confidential customer or employee information as a result of irresponsible employees, while 25% have lost payment information.
- Employee carelessness contributed directly to 48% of cyber security incidents, accounting for even more incidents than the theft of devices, which only contributed towards a third (37%) of incidents.
According to security professional respondents:
- 53% of all attacks resulted in financial damages of more than US$500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs.
- The most challenging areas and functions to defend are mobile devices, data in the public cloud, and user behavior.
- 55% said their organizations had to manage public scrutiny of a breach in the last year.
- In 2017, 41% said that security breaches are driving increased investment in security technologies and solutions, up from 37% in 2016.
- Behavior analytics tools are useful when locating malicious actors in networks, with 92% of pros saying these tools work very to extremely well.
Cisco threat researchers also examined data exfiltration trends, using a machine-learning algorithm to profile 150,000 users in 34 countries, all using cloud service providers, from January to June 2017. After profiling users for six months, researchers spent 1.5 months studying abnormalities, flagging 0.5 percent of users for suspicious downloads.
- These users downloaded, in total, more than 3.9 million documents from corporate cloud systems, or an average of 5200 documents per user during the 1.5-month period.
- Of the suspicious downloads, 62% occurred outside of normal work hours; 40% took place on weekends.
- One of the most popular keywords in the documents’ titles was “data.” The keywords most commonly appearing with the word “data” were “employee” and “customer.”
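The behavioural profiling described above (baseline users' cloud-download volume, flag the outliers, then look at when they download and what the document titles say) can be illustrated with a small script. This is an added example, not Cisco's algorithm or data: the audit records are constructed, business hours are assumed to be 09:00 to 17:00 local time, and a median/MAD outlier rule stands in for the machine-learning model the researchers used.

```python
from collections import Counter, defaultdict
from datetime import datetime
from statistics import median

WORK_START, WORK_END = 9, 17  # assumed local business hours (09:00-17:00)


def _build_sample():
    """Constructed cloud-download audit records: (user, ISO timestamp, document title).
    Four users with ordinary work-hours activity plus one ("mallory") who bulk-downloads
    employee/customer data, half of it at night and much of it on the weekend."""
    events = [
        ("alice", "2017-07-03T10:15:00", "q2 roadmap"),
        ("alice", "2017-07-04T11:02:00", "team notes"),
        ("alice", "2017-07-05T14:30:00", "budget draft"),
        ("bob",   "2017-07-03T09:45:00", "onboarding guide"),
        ("bob",   "2017-07-06T16:10:00", "style guide"),
        ("carol", "2017-07-04T13:00:00", "meeting agenda"),
        ("carol", "2017-07-05T15:20:00", "travel policy"),
        ("carol", "2017-07-07T10:05:00", "q2 roadmap"),
        ("dave",  "2017-07-06T11:30:00", "expense form"),
        ("dave",  "2017-07-07T12:45:00", "holiday calendar"),
    ]
    titles = ["employee data export", "customer data list", "employee salary data"]
    for i in range(30):
        day = 1 + (i % 9)            # 2017-07-01 (Saturday) .. 2017-07-09 (Sunday)
        hour = 22 if i % 2 else 10   # every other download happens at 22:00
        events.append(("mallory", f"2017-07-{day:02d}T{hour:02d}:00:00", titles[i % 3]))
    return events


SAMPLE_EVENTS = _build_sample()


def group_by_user(events):
    """Group raw records into per-user lists of (datetime, title)."""
    per_user = defaultdict(list)
    for user, ts, title in events:
        per_user[user].append((datetime.fromisoformat(ts), title))
    return per_user


def is_off_hours(dt):
    return dt.hour < WORK_START or dt.hour >= WORK_END


def is_weekend(dt):
    return dt.weekday() >= 5  # Monday == 0, so 5 and 6 are Saturday/Sunday


def flag_heavy_downloaders(per_user, k=3.0):
    """Flag users whose download count is an outlier against their peers:
    count > median + k * MAD (median absolute deviation). Returns a set of user names."""
    counts = {u: len(evs) for u, evs in per_user.items()}
    vals = list(counts.values())
    med = median(vals)
    mad = median(abs(v - med) for v in vals) or 1.0  # guard against a zero scale
    return {u for u, c in counts.items() if c > med + k * mad}


def profile_user(events):
    """Summarise a flagged user's downloads: volume, off-hours share, weekend share,
    and the most common words in the document titles."""
    total = len(events)
    off = sum(1 for dt, _ in events if is_off_hours(dt))
    wk = sum(1 for dt, _ in events if is_weekend(dt))
    words = Counter(w for _, t in events for w in t.lower().split())
    return {
        "total": total,
        "off_hours_share": round(off / total, 2),
        "weekend_share": round(wk / total, 2),
        "top_keywords": [w for w, _ in words.most_common(3)],
    }


def detect(events, k=3.0):
    """Return {user: profile} for every user flagged as a volume outlier."""
    per_user = group_by_user(events)
    flagged = flag_heavy_downloaders(per_user, k)
    return {u: profile_user(per_user[u]) for u in sorted(flagged)}


if __name__ == "__main__":
    for user, profile in detect(SAMPLE_EVENTS).items():
        print(user, profile)
```

Running the block prints only `mallory`: 30 downloads, half of them outside business hours, 47% on the weekend, with "data" and "employee" as the dominant title words. The volume rule is deliberately simple; in practice the baseline would be per-user over a training window rather than a single cross-user snapshot, and the off-hours and keyword signals would feed an analyst's triage rather than block anything on their own.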
- Rates of data breaches in the last year reported by federal survey respondents are 57% (versus 36% in the total sample), more than three times higher than the federal rate of 18% measured only two years ago.
- 67% of respondents noted cloud privileged users as a top cloud security concern.
- Annual losses for the US are estimated at between $10 billion and $12 billion from cyber crime targeting IP and perhaps $50 billion to $60 billion globally.
- The FBI reported $209 million in ransom was paid in the first quarter of 2016, compared to just $24 million in ransom payments in all of 2015.
The American Journal of Managed Care study into data breaches in hospitals found:
- Researchers identified 215 breaches affecting 500 or more people, over the 7-year study period.
- Breaches occurred in 185 nonfederal acute care hospitals. Of these hospitals, 30 suffered more than one breach, while one hospital experienced four separate breaches.
- During the 2009 to 2016 study period, hospitals spent considerable budgetary funds upgrading their IT systems to meet electronic health records (EHR) requirements. Much less was spent on security during that time, despite the fact that cyber crime has been growing more sophisticated over the past decade.
- 73% of studied organizations fell into the novice category, suggesting they have some way to go before they are cyber-ready.
- Organizations with fewer than 250 employees devote a smaller proportion of their IT budgets to cyber (9.8% on average versus 12.2% for larger organizations).
- For a small number of those hit by a breach, the impact went beyond the immediate cost in dollars and cents: 7% said they had lost customers as a result of a cyber attack and 5% said they had found it more difficult to attract new ones. A similar number said they had lost business partners. In 6% of cases the organization had laid off employees.
- 57% of the organizations surveyed claim to be ‘very confident’ in their cyber security readiness.
- So far in 2018, there have been 140 total breaches and 17,635,102 records exposed across the categories of Banking/Credit/Financial, Business, Educational, Government/Military, and Medical/Healthcare.
- The Business category led with 44.6% of the breaches. The Healthcare category followed with 27.9% of the breaches. In terms of exposed records, the Business category accounted for the vast majority of all exposed records at 62.1%.
- The average cost of cyber crime for financial services companies globally has increased by more than 40% over the past three years, from US$12.97 million per firm in 2014 to US$18.28 million in 2017.
- The average number of breaches per company has more than tripled over the past five years, from 40 in 2012 to 125 in 2017.
- 60% of financial services companies’ total security spending goes to containment and detection of cyber breaches.
- The greatest impacts of cyber breaches on financial services firms are business disruption and information loss, which together account for 87% of the cost to respond to cyber crime incidents, with revenue loss accounting for only 13%.
- The costliest types of attacks for banks and insurers are denial of service, phishing and social engineering, and malicious insiders. While malware attacks were among the least costly for financial services at $5.46 million per incident on average, malicious insiders cost $169 million, phishing/social engineering cost $196.6 million, and denial-of-service attacks $227.7 million.
- Only 26% of financial services companies have actually deployed AI security technologies, and fewer than one-third (31%) use advanced analytics to fight cyber crime.
- 44% of data breaches are attributable to insiders.
- 90% of insiders displayed no worrying characteristics prior to their attacks.
- 80% of attacks are committed during work hours on company-issued software.
- The healthcare industry ranks fifteenth in terms of cyber security health when compared to 17 other major U.S. industries.
- The healthcare industry is one of the lowest performing industries in terms of endpoint security.
- Over 8% of Healthcare/Wellness contractors have disclosed a data breach since January 2016; Aerospace/Defense firms had the next highest breach disclosure rate at 5.6%.
- Researchers found that nearly half of the contractors studied fell below a BitSight grade of C (for the Protective Technology subcategory of the NIST Cybersecurity Framework), with the Engineering and Manufacturing sectors exhibiting the lowest performance among the sectors.
- According to BitSight’s analysis, nearly one in five users for Technology and Aerospace/Defense contractors use an outdated internet browser in the workplace, increasing the contractor company’s exposure to compromise.