Data Breach Risk Has Never Been Higher
Business cybersecurity has been a rocky proposition in the last 12 months. Businesses are faced with challenges at every turn as they bat back threats like ransomware, phishing and business email compromise. But a larger problem is dominating the board right now, and every business needs to be on top of it – a data feeding frenzy has driven the demand for data higher than ever, leading to a historic rise in data breaches and the expenses that they bring to businesses that are unfortunate enough to end up in the spotlight.
What was that noise? Is it a ghost or one of the Monsters of Cybersecurity breaking in to steal your data? Learn how to ward off those foul fiends fast! READ IT IF YOU DARE!>>
There is Some Good News
First, the good news: the numbers for publicly-reported data breaches in the US are down, decreasing 9% in Q3 2021 with a total of 446 breaches compared to 491 breaches in Q2 2021 according to the non-profit Identity Theft Resource Center. However, their experts caution that some organizations and state agencies are not including specifics about data compromises in public record reports or even reporting data breaches on a timely basis. One state has not posted a data breach notice since September 2020.
2021 Data Breach Facts to Remember
- An estimated 85% of data breaches in 2020 involved a human element.
- Phishing is the top threat action that results in a breach.
- The number of breaches that involve ransomware has doubled.
- More than 60% of breaches involve credentials.
- Over 80% of breaches are discovered by external parties.
See how ransomware really works, who gets paid & what’s next in our tell-all Ransomware Exposed! DOWNLOAD IT>>
But Much More Bad News
But that’s pretty much all of the good news when it comes to data breaches this year. The rest of the data breach landscape is a wasteland of risk and expense. The ITRC also reports that the number of data breaches that they’ve been able to track through September 30, 2021, has not decreased. In fact, the number of data breaches that they’ve recorded in 2021 has already exceeded the total number of events in Full-Year (FY) 2020 by 17%, with 1,291 breaches in 2021 compared to 1,108 breaches in 2020. This trend is expected to continue and it points to the high probability of 221 being a record-breaking year for data compromises (the all-time high of 1,529 breaches was set in 2017).
The expense of a data breach has also increased at every turn. A data breach has never been affordable, but the cost of a single data breach has become a lot more expensive than it has ever been before, creating an even bigger hazard for companies that are in high-risk industries. A data breach can be a death blow for companies that have experienced an adverse economic impact from the chaotic events of 2020 and don’t have cash put aside to deal with a problem or any resources in reserve. In this year’s IBM Cost of a Data Breach Report, researchers determined that the average cost of a breach in 2021 is estimated at $4.2 million per incident, the highest ever recorded in the 17 years of the study.
5 Fast Facts to Remember from the IBM Cost of a Data Breach Report
- The cost of a data breach can change significantly depending upon the initial attack vectors including the top three most common: compromised credentials (20% of breaches), phishing (17%) and cloud misconfigurations (15%).
- The cost of a breach can be impacted by the type of data stolen or leaked, like customer personally identifiable information – the most frequently breached and the most expensive at $180 per record.
- The top country in the world for data breach costs in 2021 (so far) is the US with an average cost of $9.05 million.
- Thanks to the hot market for COVID-19 data in 2020, medical data is in second place as the most desirable data to snatch, and healthcare at $9.23 million is the industry with the most expensive data breach costs.
- Organizations that operate with 50% remote workers took an average of 316 days to identify and contain a data breach compared to the overall average of 287 days.
Dive into how to reduce your client’s risk from phishing fast with the tips in The Phish Files. DOWNLOAD NOW>>
Cloud Data Breaches Are Climbing
Cloud data breaches are also becoming an increasingly bigger problem for businesses, especially those that store large amounts of data in-house or at major data processors. An estimated 36% of organizations worldwide have suffered a serious data security incident like cloud data breach in the past 12 months. Evidence shows that these companies suffered a data breach or leak in their cloud environment because of fundamental security issues, including myriad misconfiguration and personnel issues that ultimately led to disaster.
There’s a good reason cloud data breach risk is rising, and that’s borne out by hard data. The IRTC report points to a dramatic rise in personal information theft, and they’re chalking it up to a series of major incidents with unsecured cloud databases, not data breaches. In fact, researchers discovered that a strong majority of IT managers and executives don’t feel confident about their company’s cloud data security. An estimated 8 out of 10 IT controllers feel like their organization is vulnerable to a major cloud data security incident, and 20% expect to suffer a customer data security breach in 2022.
The Primary Causes of Cloud Data Breaches
“The State of Cloud Security 2021” asked IT professionals about the circumstances that influence a company’s chance of a possible cloud data breach and these were the factors that they pointed to:
- 32% say too many APIs and interfaces to govern
- 31% cite lack of adequate controls and database oversight
- 27% point to lack of policy awareness around data security
- 23% blamed old-fashioned negligence
- 21% said they are not checking Infrastructure as Code (IaC) prior to deployment
- 20% admitted outright that their IT team oversight is at fault
Are you really protected from cyberattacks? Our Cybersecurity Risk Protection checklist will tell you the truth! GET IT>>
Remote Work is Still a Risk Driver
Other world circumstances had a big impact on the data breach landscape in 2021. Data breach costs were heavily impacted by the rise of remote work and other complications brought on by the global pandemic. The IBM Cost of a Data Breach study also showed that when companies reported that the majority of their staffers were working from home, they experienced a big increase in the cost of a security incident that ended in a data breach. Companies supporting a remote or hybrid workforce experienced an increase of up to $1 million more when a data breach occurred, with the highest rates of $4.96 million in comparison to $3.89 million.
Remote work has been a bear for every company to wrestle, and its impact can be seen in every facet of business security. Experts estimate that overall cybercrime was up by 80% in 2020, and they’re pointing the finger at the confluence of remote workers and phishing. A constant stream of phishing attacks poured into businesses, ensnaring unwary remote workers and driving up data breach numbers. An estimated 74% of organizations in the United States have fallen victim to a successful phishing attack that resulted in a data breach in the last 12 months. The US is the leader in phishing-related data breaches for 2021 so far, with rates 30% higher than the global average, and 14% higher than the same period in 2020.
Prevent a Data Breach with Powerful Security from ID Agent
Protecting a business from increasing data breach risk can be a challenge, especially when you’re trying to do it n a budget. The ID Agent digital risk protection platform provides the tools that businesses need to stay safe from cybercrime, as these businesses discovered. Our solutions address operational issues as well as constantly rising cybercrime risk, enabling companies to get twice as much value out of security expenditures. That value doesn’t just stop at the point of purchase – we’re constantly innovating to keep you a step ahead of cybercriminals.
Passly includes an array of identity and access management tools cited by experts as key security moves that add immediate protection against human error disasters. Your savings and benefits begin immediately with robust functionality. Essentials like multifactor authentication and single sign-on make remote management and access control easy. Automated password resets will make your IT team happy and give them more time.
Dark Web ID enables you to get a clear picture of your company’s credential compromise threats from dark web sources. Our 24/7/365 always-on monitoring alerts businesses to credentials appearing on the dark web that may have been stolen or phished to mitigate the risk of bad actors using a stolen password to gain access to your systems and data. Automated alerts and reporting means that your team doesn’t need to spend time staring at a dashboard or pulling reports.
BullPhish ID improves your staff’s security awareness and increases phishing resistance. But they’ll learn about much more than just phishing including compliance, password safety, security hygiene and more, giving every employee a solid grounding in cybersecurity pitfalls and best practices. Choose from our plug-and-play complete training modules and phishing simulations or customize the content to reflect the unique industry risks those employees face daily.
See them in action in these short demonstration videos: https://www.idagent.com/learn-more
The ID Agent digital risk protection platform has the strong solutions that every business needs to protect their systems and data from today’s biggest threats. Contact our solutions experts today to learn how your business can benefit and receive a free, personalized demonstration.
Are you ready to fight back against cybercrime? See where 2021’s threats are coming from and what’s next. DOWNLOAD THE REPORT>>
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
See our innovative, cost-effective digital risk protection solutions in action.
Contact us for an expert analysis of your company’s security needs and a report on your Dark Web exposure!