The
number of reported data breaches in 2018 is at a consistent pace with
this same time period in 2017, according to new research from Risk Based
Security, but there’s a catch: mega-breaches and hacking persist as top
cybersecurity concerns across all industries.
WHY IT MATTERS
So far there have been 3,676 publicly disclosed data breaches across all industries exposing approximately 3.6 billion records.
Seven of the breaches through the third quarter of this year exposed
100 million or more records, with the 10 largest accounting for 84.5
percent of the records exposed, the report said.
Hacking continues to be the leading cause of data breaches,
accounting for 57.1 percent and fraud was the cause of the most records
being exposed, accounting for 35.7 percent.
THE BIGGER TREND
“Despite the decrease from 2017, the overall trend continues to be
more breaches and more ‘mega breaches’ impacting tens of millions, if
not hundreds of millions, of records at once,” said Inga Goddijn,
executive vice president for Risk Based Security.
Threats continue. For example, a new Symantec report found that the notorious, highly targeted
SamSam ransomware virus is primarily hitting the U.S. –
especially the healthcare sector, where hackers may believe
organizations are more likely to pay. SamSam breaks into networks and
encrypts multiple computers across an organization. The clean-up costs
can run in the double digit millions, according to Symantec.
While healthcare organizations are better at understanding and
investing in cybersecurity needs, hackers are keeping pace -- and then
some, according to a panel of CISOs at the HIMSS Healthcare Security
Forum in Boston late last month. When
asked to rank the cybersecurity posture of the healthcare sector, four healthcare infosec leaders found that while the industry has improved, there’s still a long way to go.
Anahi Santiago, chief information security offier of Christiana Care
Health System, said larger organizations are much more secure — but
small to mid-size hospitals are struggling.
In the next five years, healthcare will be the biggest target,
information security experts say, and hackers will be able to quantify
how they can monetize the data. As the use of healthcare data matures,
the hackers will keep pace. In the end, healthcare will only be
successful when infosec leaders have a seat at the table when it comes
to strategy,
ON THE RECORD
“The number of reported breaches shows some improvement compared to
2017 and the number of records exposed has dropped dramatically,” said
Inga Goddijn, executive vice president for Risk Based Security.
“However, an improvement from 2017 is only part of the story, since 2018
is on track to have the second most reported breaches and the third
most records exposed since 2005