According to the World Economic Forum’s 2018 Global Risks Report, cyber attacks are one of the top five highest risks to global stability in the next five years.
Cyber attacks in 2018 come in many shapes and sizes, but common to all is that no one is truly safe anymore. But who is most at risk and what can be done to keep the risks at bay?
Verizon’s 2018 Data Breach Investigations Report concludes that the healthcare sector is most at risk of suffering a data breach, with close to a quarter of all data breaches affecting the sector. Healthcare is closely followed by accommodation, the public sector, retail, and finance as the most at-risk sectors.
Beware the insider threat
A separate study conducted by Verizon, the 2018 Protected Health Information Data Breach Report, takes a deeper dive into these numbers. The study reveals that 58% of healthcare security breaches are caused by insiders, indicating that employees are by far the largest security threat to an organization.
Insiders are defined as employees, temporary workers, contractors, and business partners, and the damage they cause can be either accidental or malicious. Malicious attacks could be anything from financial fraud to a disgruntled former employee stealing confidential information or deliberately corrupting valuable company data. Accidental insider attacks are often caused by human error and can be much harder to detect. Either way, the fallout is significant, from both a financial and a reputational perspective, and could be prevented by being in control of which individuals in the organization have access to what, and why.
Most commonly breached data
What then is the most common type of data compromised in a data breach? According to Verizon’s 2018 Data Breach Investigations Report, personally identifiable information (PII) is the most compromised data in breaches, with 36% of all breaches leaking this kind of data.
With Kaspersky’s State of Industrial Cybersecurity 2017 study showing that 55% of organizations allow third parties, including partners, suppliers, and service providers, to access their network, this is food for thought. According to the survey, enterprises that allow third parties to access their systems are 63% more likely to experience a breach than those that do not allow third-party access. For organizations that need to give third parties access to their systems, doing so in a secure and controlled manner is key.
The costs are running high
The Ponemon Institute’s annual Cost of a Data Breach report, for the fourth year running, showed a connection between how quickly an organization identifies and contains a breach and the total cost of the breach. With the study also showing a higher likelihood of experiencing a data breach of at least 10,000 records than of catching the flu, organizations should take note.
The global cost of a data breach in 2018 continues to rise, as does the time it takes to both detect and contain a breach. Detection is key – but still lagging – and it now takes on average 197 days to identify a breach, and an average of 69 days to contain a breach. As a result, the average cost of a breach in 2018 is US$3.86 million, up from US$3.62 million in 2017.
What’s more, the study found that data breaches have a clear cost in terms of customer trust, with loss of reputation being felt on the bottom line. Perhaps most damagingly to organizations, information loss represents 43% of costs.
A topic for the boardroom
While the need for cyber security has increased, there are still organizations where it is only discussed in the IT department and is never considered by the board of directors. The top level of a company needs to be proactive and aware of the risks, steering the company in the right direction. Yet according to PWC’s Global State of Information Security Survey 2018, just 45% of respondents in the survey (a survey of 9,500 executives from across 122 countries) said their corporate board participates actively in setting the security budgets.
Unsurprisingly, 87% of businesses say they need up to 50% more budget for cybersecurity, according to Ernst and Young’s Global Information Security Survey 2017-18. For many organizations, though, it seems this increase will only come after a breach, when it is too little, too late. According to the same survey, 76% of companies say that they would increase spending on cybersecurity following a large data breach, which would cause significant damage to the organization – but alarmingly, 64% would not increase the budget if an attack did not cause significant damage.
Who has access to what, when
A cornerstone of good cybersecurity is identity management and access governance. This allows organizations to be in control of who has access to what, and when, and to retrieve critical information such as who granted that access. This means companies can increase security, efficiency, and compliance, and can be agile and act swiftly to prevent further damage if a breach does happen.