5 Essential Incident Response Checklists
It seems like we are constantly talking about data breaches, but as a couple of recent studies show, we may be under-reporting their frequency and severity. The 2016 Data Breach Trends report released by Risk Based Security said 4,149 breaches were reported, compromising more than 4 billion records. That’s 3 billion more than exposed in 2013, the highest total before last year (and higher even than the so-called Year of the Data Breach in 2014).
Also, a study conducted by the Identity Theft Resource Center (ITRC) and CyberScout found that there were 1,093 reported breaches in the United States last year, another all-time high. However, according to eSecurity Planet, there may be a reason for these high breach numbers:
ITRC president and CEO Eva Velasquez said it’s not clear whether the increase is due an actual surge in breaches or simply due to more states making the information available.
But maybe it isn’t so surprising that the United States is a prime target for data breaches. As Dwayne Melancon, VP of Product for Tripwire, said to me in an email comment:
The U.S. is a leading world economy – and one of the most connected economies – so it isn’t surprising that nearly half of the world’s data breaches are in the U.S. A lot of organizations have gone after the “quick fixes” for information security, but that isn’t sufficient, as the results indicate.
Both studies revealed that hacking, skimming and phishing are the leading causes of data breaches. Stolen laptops, once a leading cause of data breaches, now resulted in less than 2 percent, with a total of 67 incidents, the Risk Based Security report found.
The statistic that surprised me most was the number of insider incidents. Risk Based Security reported that only 18 percent of data breaches were caused by insiders, a number I thought was very low – unless the numbers focus on breaches caused directly by the insider, like those lost laptops, as opposed to an insider opening a malicious attachment or link.
However, while data breaches appear to be on the rise, not everyone agrees that they are our top cyber-incident concern. The 2017 Cyber Incident & Breach Response Guide released by the Online Trust Alliance found that while data breaches have leveled off, other types of cyber incidents are “skyrocketing,” putting your customer data at even greater risk. According to the report, these other types of incidents include business disruptions caused by ransomware and DDoS attacks, compromised email, and the takeover of critical infrastructure. Craig Spiezle, executive director and president of OTA, said in a formal statement:
The high profile cyber incidents of 2016 have taught us that financial loss is only one of many other potential dangers of cybercrime. Organizations are susceptible to security threats, reputation damage and much more. It is essential for all organizations to plan ahead and secure technologies, processes and procedures to help prevent, detect, remediate and respond to the impact of a cyber incident.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom’s Guide. You can reach Sue via Twitter: @sueporemba
