Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

Cyber Threats Up Ten Percent from 2013: New Report


Cyber Threats Up Ten Percent from 2013 New ReportEmployees as Most Cited Culprits for Cyber Breaches

October is designated as National Cyber Security Awareness Month, designed to put the threat of cyber attacks into the forefront as a national security issue. As we kick off the month, several reports have already been released highlighting how widespread the issue is with businesses increasingly experiencing data breaches and other cyber threats.

According to a study on data breach preparedness conducted by the Ponemon Institute, an independent research firm on privacy, data protection and information security policy, a whopping 43% of companies have experienced a breach in the past year – that’s up 10% from the prior year.

What’s more, the report cites that the size of the breaches is increasing. “Particularly beginning with last quarter in 2013, and now with all the retail breaches this year, the size had gone exponentially up,” said Michael Bruemmer, vice president of the credit information company Experian’s data breach resolution group, which sponsored the report. Think Target, Home Depot. But, Bruemmer also cited one large international breach of which few Americans are aware. In January, more than 70% of South Koreans ages 15 to 65 – a total of 27 million – had their personal data stolen and credit cards compromised. The breach was caused by a worker at the Korea Credit Bureau, which provides credit scores to Korean credit card companies.

While most may think of hackers from far-off countries being the principal cause of these attacks, the fact, according the Ponemon report, is that 80% of the breaches in the study were caused by employee negligence. “It could be from someone giving out their password, someone being spear-phished, it could be a lost USB, it could be somebody mishandling files, it could be leaving the door to the network operations center open so someone can walk in,” said Bruemmer.

This is further underscored by a recent report ,“The Global State of Information Security Survey 2015”, just released by PricewaterhouseCoopers (pwc). One key finding among survey respondents is that employees more than any other threat actors were the most-cited culprits of security incidents. Moreover, a growing number of respondents attribute incidents to third parties with trusted access to networks and data, including current and former service providers, consultants, and contractors.

According to the pwc report, “the jump in insider incidents may carry serious implications because crimes caused by internal actors are often more costly or damaging than compromises perpetrated by external groups. When organizations overlook the threats residing inside their ecosystems, the effects can be devastating. Yet many companies do not have an insider-threat program in place, and are therefore not prepared to prevent, detect, and respond to internal threats.”

The Ponemon report concurs with this assessment. In fact, despite the rise in breaches, 27% of companies didn’t have a data breach response plan or team in place, which is down from 39% who didn’t have them in the previous year’s survey. And worse yet, those that do have breach plans in place aren’t convinced they will work. Only 30% of those responding to the survey said their organization was “effective or very effective” at creating such plans.

Breaches A Part of Our Life

The bottom line is that data breaches and other cyber threats are a part of our life. Companies must take this threat seriously, implementing a data breach preparedness plan, reviewing and updating it on a regular basis to address emerging risks, pinpoint vulnerabilities and put in place further measures to stem losses. In addition to having a plan, Cyber Liability insurance should be secured to provide financial protection in the event of a breach or other cyber-related incident. A cyber insurance product can be designed to pay for notification costs, media relations, forensic research, remediation expenses, preventive actions, such as account monitoring, legal fees, and much more.

Axis Insurance Services specializes in Cyber Liability insurance/Privacy & Network Security coverage. Our cyber insurance specialists can assess your exposure to loss and suggest insurance solutions and risk management programs that can reduce your potential for financial disaster should one of your systems be breached. Please give us a call at (877) 787-5258.

Sources: Ponemon Institute, USA Today, Pwc

Comments

comments

Blogged on: October 2, 2014 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions