+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

THE DATA BREACHES REPORT: The strategies companies are using to protect their customers, and themselves, in the age of massive breaches

Mar 3, 2019, 09:36 IST

BI Intelligence
This is a preview of a research report from Business Insider Intelligence, Business Insider's premium research service. To learn more about Business Insider Intelligence, click here.

Advertisement

Over the past five years, the world has seen a seemingly unending series of high-profile data breaches, defined as incidents in which unauthorized parties access and retrieve sensitive, secure, or private data.

Major incidents, like the 2013 Yahoo breach, which impacted all 3 million of the tech giant's customers, and the more recent Equifax breach, which exposed the information of at least 143 million US adults, has kept this risk, and these threats, at the forefront for both businesses and consumers. And businesses have good reason to be concerned - of organizations breached, 22% lost customers, 29% lost revenue, and 23% lost business opportunities.

This threat isn't going anywhere. Each of the past five years has seen, on average, 1,704 security incidents, impacting nearly 2 billion records. And hackers could be getting more efficient, using new technological tools to extract more data in fewer breach attempts. That's making the security threat an industry-agnostic for any business holding sensitive data - at this point, virtually all companies - and therefore a necessity for firms to address proactively and prepare to react to.

The majority of breaches come from the outside, when a malicious actor is usually seeking access to records for financial gain, and tend to leverage malware or other software and hardware-related tools to access records. But they can come internally, as well as from accidents perpetrated by employees, like lost or stolen records or devices.

Advertisement

That means that firms need to have a broad-ranging plan in place, focusing on preventing breaches, detecting them quickly, and resolving and responding to them in the best possible way. That involves understanding protectable assets, ensuring compliance, and training employees, but also protecting data, investing in software to understand what normal and abnormal performance looks like, training employees, and building a response plan to mitigate as much damage as possible when the inevitable does occur.

Business Insider Intelligence, Business Insider's premium research service, has put together a detailed report on the data breach threat, who and what companies need to protect themselves from, and how they can most effectively do so from a technological and organizational perspective.

Here are some key takeaways from the report:

  • The breach threat isn't going anywhere. The number of overall breaches isn't consistent - it soared from 2013 to 2016, but ticked down slightly last year - but hackers might be becoming better at obtaining more records with less work, which magnifies risk.
  • The majority of breaches come from the outside, and leverage software and hardware attacks, like malware, web app attacks, point-of-service (POS) intrusion, and card skimmers.
  • Firms need to build a strong front door to prevent as many breaches as possible, but they also need to develop institutional knowledge to detect a breach quickly, and plan for how to resolve and respond to it in order to limit damage - both financial and subjective - as effectively as possible.

In full, the report:

  • Explains the scope of the breach threat, by industry and year, and identifies the top attacks.
  • Identifies leading perpetrators and causes of breaches.
  • Addresses strategies to cope with the threat in three key areas: prevention, detection, and resolution and response.
  • Issues recommendations from both a technological and organizational perspective in each of these categories so that companies can avoid the fallout that a data breach can bring.

 

Advertisement

Subscribe to an All-Access pass to Business Insider Intelligence and gain immediate access to:

Learn More

Purchase & download the full report from our research store

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article