Data Breach

by Wally Moore

on October 29, 2019

in Data Protection

Here at DTS InfoTech, we are pleased to announce our new partnership with ID Agent!

Data Breach

We are very excited about this because ID Agent provides a comprehensive set of threat intelligence and security training solutions to private and public sector organizations and millions of individuals impacted by cyber incidents.

The company’s flagship product, Dark Web ID, delivers dark web intelligence to identify, analyze and monitor for compromised or stolen employee and customer data, mitigating exposure to the client's most valuable asset – their digital identity.

So, what’s the big deal? You may be asking this question.

Consider this good news from ID Agent: “When we reflect on data breaches in 2018, it will be important to account for the good with the bad. Even though cyber-attacks are growing in cost, size, and impact, there is an enhanced sense of global awareness and vigilance that will serve as the foundation for better cybersecurity.” Truly, this is good news!

Here’s the bad news. What would you do…

If your personal information is stolen? If your company experiences a data breach? Do you even think this could happen to you?

What would you do?

Before you click away and leave this page, here’s a very important short article you should read. This report goes into detail about Canada, Europe, Australia and New Zealand and it is worthwhile reading. Read the full report here.

It will add to your education about experiencing a data breach. You’ll be glad you took the time.

Under Attack: The Year 2018 In Breach

If we were to record a time-lapse of data breaches across the globe in 2018, it would reveal consistent increases in three key categories:

Cost

The average total cost of a breach increased by 6.4% from $3.6 million to $3.86 million

Size

The average size of a data breach has increased by 2.2%

Impact

The average total cost of a record loss due to breach increased 4.8% from $1.41 per record to $1.48.

According to the 2018 Cost of Data Breach by the Ponemon Institute, aside from a 6.4% year-over-year lift on the average total price tag of a single breach (now $3.86B), the number of records lost or stolen has climbed by 2.2% this year alone.

To make matters worse, the dollar-cost consequence of each record compromised (revealed to an unauthorized attacker) continues to skyrocket. The global average per capita cost went from $141 to $148, with the United States, Canada, and Germany leading at $233, $202, and $188, respectively.

However, a common theme that emerges is the importance of speed in detection and mitigation, which can significantly lower the burden of a breach. Although the Mean Time to Identify (MTTI) and Contain (MTTC) rose to record highs of 197 and 69 days respectively, organizations that were able to contain a breach in less than 30 days saved over $1M compared to those who took longer. To put this into perspective, the average cost savings generated from working with an Incident Response (IR) team was as high as $14 per compromised record. In other words it pays to be prepared.

Meanwhile, privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR) and Australia’s Notifiable Data Breach (NDB) are shining a bright beam on the most prevalent breach type: identity theft. Gemalto’s Breach Level Index reports that identity theft represented 65% of the breaches that occurred in the first half of 2018, such as Exactis and Firebase. As we’ve seen in the past, once cybercriminals get their hands on personal information, they will monetize it by selling identity footprints directly on the Dark Web or organizing payment fraud schemes.

Follow along as the ID Agent Team explores the global landscape of data breaches across the United States, providing you with actionable insights for protecting yourself, customers, and employees.

United States

The cost of lost business for US organizations is almost twice as much as the next runner up country.

A glance at recent headlines can characterize most US data breaches in 2018: newsworthy and expensive. At $7.91M, the average total cost in the United States is the highest around the globe. Although this can be largely attributed to organizational spending on post-breach responses, notification costs, and customer churn, it also highlights a cultural phenomenon.

Current American legislation surrounding notification laws creates a domino effect, where the end-user has a greater awareness of data breaches, higher expectations for identity protection by companies, and fleeting loyalty caused by the availability of other options. Such insight is illustrated by the $4.2M cost of lost business for US organizations, a number that is nearly twice as high as the next runner-up.

Timeline of U.S. Breaches in 2018

March 17, 2018 – It was revealed that Cambridge Analytica was responsible for harvesting private information from Facebook profiles.

Late March 2018 – In late March, Under Armour announced that a data breach affected an estimated 150M users of its MyFitnessPal application.

May 2018 – Twitter urges more than 330M users to change their passwords after reporting that a glitch caused data to be stored in readable form (unencrypted) rather than being hashed (encrypted).

Late June 2018 - In late June, a security researcher discovered that the database of marketing firm Exactis was being stored on a publicly accessible server with 340M records exposed.

September 2018 - Facebook notified users that yet another massive data breach compromised the accounts of over 50M users. Hackers had exploited a security weakness present in the social network’s code since July 2017 to steal automated log-in credentials.

November 2018 – Marriott revealed on November 30th this hack, of as many as 500M records, had been continuously compromising data on guests staying at Marriott Starwood properties since 2014, including everything from names, addresses, phone numbers, passport numbers to payment card numbers and expiration dates.

The rest of the report goes into detail about Canada, Europe, Australia and New Zealand and it is worthwhile reading. Read the full report here.

Conclusion

When we reflect on data breaches in 2018, it will be important to account for the good with the bad.

Even though cyber attacks are growing in cost, size, and impact, there is an enhanced sense of global awareness and vigilance that will serve as the foundation for better cybersecurity.

With privacy regulations taking shape in countries most affected, we can predict that identification, escalation, and mitigation will be the focus of many organizations going forward.

As we’ve all heard before, it’s no longer a question of “if,” but “when” a company will get breached.

To future-proof ourselves, our employees, and our customers, it will become paramount to invest in solutions that can pinpoint threats proactively, contain compromises quickly, and empower parties that are affected so that they can take action.

What’s It All About?

You’re protecting your business, yourself and your way of life. That’s all!

Your lifestyle is what a Data Breach can destroy if you’re not vigilant and actively defending yourself.

How Do You Defend Yourself?

Proactively defend yourself using four strategies. They are:

1. Hardware

2. Software

3. Technical expertise

4. Training

Some people we talk to, including personal friends of mine who own their own business, have a belief that a router and a few backups are all they need to ensure their business against a natural disaster, or an electronic disaster (read Data Breach). Nothing could be further from the truth.

They believe that their business is too small for hackers to be interested in breaching their computers at their business. They could not be more wrong. Remember, hackers don’t just care about YOUR business. They care about anything they can extract from all of your customers as well.

Today, in October 2019, you have to use multiple strategies to defend your business. If you don’t, more than likely, you’ll end up on the wrong side of statistics. That is, your business will become known as one of the small businesses forced to close its doors after a data breach.

DTS InfoTech Can Help

We’re good at preventing Data Breaches and training your employees to be vigilant. Seriously, we are.

We know how intimidating technology can be, we make a living helping people just like you who have questions about all thing’s technology, and that includes preventing a data breach.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, we can help.

If you would like more information about preventing a data breach give us a call, we’re always happy to chat, and the call is free!

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

www.dtsinfotech.com

GET HELP NOW