New information from the Identity Theft Resource Center (ITRC) and CyberScout show that 2016 had more reported breaches than any previous year. The number of breaches, as defined by the ITRC*, reached 1,093, a 40 percent increase from prior year. In total, about 36.7 million records were exposed in those qualifying breaches.
The leading causes, for the eighth year in a row, were hacking, skimming, and phishing attacks. These incidents accounted for 55.5 percent of the overall number of breaches – an increase of 17.7 percent over 2015 figures – and 72 percent of breached records.
Cases involving CEO phishing were markedly on the rise. And if the early weeks of 2017 are any indication, the prevalence of such attempts continues to increase.
Breaches involving accidental email or inadvertent internet exposure of information were the second most common type of incident at 9.2 percent of the overall number of breaches.
According to the ITRC report, the financial services industry fared best among the five broad industry types, accounting for only 4.8 percent of breaches. The business sector led the pack at 45.2 percent of the overall breaches, followed by the healthcare/medical industry (34.5 percent), education (9 percent), government (6.6 percent), and financial services.
Whether the mistake was believing a fabricated CEO email, accidentally sending out confidential information, or clicking on an infected attachment, the human factor needs to be addressed in every information security strategy. The industry experts at SLPowers can help with a three-phase security training program tailored toward your company’s specific security weaknesses. Our program integrates end user training on how to avoid letting the bad guys in, management training on how to foster a culture of security awareness, and IT training on state-of-the-art firewall solutions and security best practices.
*The ITRC defines a data breach as an incident in which an individual name plus a Social Security number, driver’s license number, medical record or financial record (credit/ debit cards included