IRVINE, CA — (Marketwired) — 01/05/16 — According to the by Privacy Rights Clearinghouse, a nonprofit organization that aims to raise awareness about how technology affects personal privacy, the number of companies that experienced a data breach in 2015 reduced by 44% since 2014. At first glance, it would seem that predictions about 2015 being the “Year of the Super-Mega Breach” did not come true. But a closer look reveals that hackers stopped wasting time on trifles and focused on jackpots instead. Fewer incidents resulted in over 197 million compromised records, compared to 295 million in 2014.
Furthermore, security experts still cannot assess the actual damage for 68% of data breaches, so obviously the number of compromised accounts is going to increase. Apparently, cyberattacks have become more targeted and sophisticated than ever and now pose an equal threat to all companies that handle any type of sensitive data, including financial and personal.
Netwrix Corporation, a provider of software that delivers complete visibility into IT infrastructure changes and data access, has picked out five patterns of cybercrime that were the most common root cause of security incidents in 2015. The data breaches listed below are ranked by the number of reported cases and point to the security threats that will require the most vigilance in 2016.
1. Malware and electronic entry by an outside party remained the leading cause of data breaches for the second year in a row. Overall, 92 registered cases occurred because hackers gained unauthorized entry into a company–s systems via Web app attacks, spyware, social engineering and Trojans. This includes the lion–s share of all customer data compromised (around 195 million records).
2. The second most frequently reported type of cybercrime was the unauthorized access to information stored on portable devices, including laptops, smartphones and external hard drives. Overall, 28 security incidents investigated to date resulted in the loss of over 20,000 sensitive data records this year.
3. The human factor is still a serious issue for data security. More than 38,000 records were exposed in 26 incidents due to employees– errors, such as misdirected emails and confidential information accidentally posted on companies– websites.
4. Company employees or contractors with legitimate access to sensitive information posed a threat to data integrity in 11 cases. Despite the relatively small number of incidents, insiders caused significant damage and compromised more than 600,000 customer records.
5. Lost, discarded or stolen, non-electronic assets with sensitive information (e.g. paper documents), as well as card skimming and theft of stationary devices, became the root cause of data leaks in five cases, resulting in the loss of 1,100 records.
“Although we saw fewer security incidents than expected, the actual damage from data breaches is still substantial. What is even more disturbing, more than half of all breaches are still at the stage of investigation, and we don–t know their real scope yet,” said Alex Vovk, CEO and cofounder of Netwrix. “The huge number of compromised records shows that we are still lagging behind highly motivated intruders. We need to adopt a new cybersecurity mindset and combine conventional perimeter protection with deep visibility into our networks to gain better control over the IT infrastructure and minimize the risk of data loss.”
Netwrix Corporation provides IT auditing software that delivers complete visibility into IT infrastructure changes and data access, including who changed what, when and where each change was made, and who has access to what. Over 150,000 IT departments worldwide rely on Netwrix to audit IT infrastructure changes and data access, prepare reports required for passing compliance audits, and increase the efficiency of IT operations. Founded in 2006, Netwrix has earned more than 70 industry awards and was named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest-growing companies in the U.S. For more information, visit .
Erin Jones
Avista PR for Netwrix
P: 704.664.2170
E:
You must be logged in to post a comment Login