With all the projections of greater and greater volumes of data being created and pushed through our networks and smart devices, one might wonder just how safe and secure is our information. Our previous post took a look at how much actual data volume is being generated and sent over the internet. This post looks instead at what happens when this data is breached and what are the associated costs.
Many data security analysts thought that 2013 was the year of the data breach but unfortunately, 2014 is well on its way to surpass last year. A recent survey of data breaches in the first six months of 2014 shows an increasing number of incidents in which data, including names, addresses, credit card, social security/insurance numbers, and even medical records was lost to criminals or exposed in public forums. The Breach Level Index, reported that nearly 176 million data records were lost or stolen in the second quarter of 2014. These stolen records were a result of 237 breaches. The lion’s share of these stolen data records came from the retail industry which accounted for almost 85% of the loss. In fact, there were over 145 million data records stolen across the retail sector. Malicious hackers were found to be behind 56% of the publicly disclosed breaches, and over 75% of these incidents originated in North America.
To illustrate, with a real example; the retail giant, Target, disclosed last month that it will book $148 million in expenses in its second quarter results due to a massive data breach within their network. Just prior to Christmas, someone hacked into Target’s network and stole encrypted customer security debit card PINS on top of 40 million credit card numbers.
A logical question to ask is why these breaches continue to grow in frequency and scope? Reports from industry analysts, like Forrester, show that many companies are now shifting greater shares of their IT budgets to network security, network monitoring, and malware detection. With all this new investment in network security why aren’t we seeing a decline in data breaches?
Data security experts are now recommending that the security investments companies make should also be focused on protecting the data itself rather than just around the network perimeter. A shift in this direction would likely ensure that when a breach did occur, that data itself would still be protected.
The unfortunate news is that thousands of small companies will be hacked this year will not make the national headlines. This issue of data security is a critical priority and affects all of us. The infographic below breaks down where the real costs of these data breaches come from and how we can better prepare.
Credit: The above infographic was sourced from veracode.com