BreachExchange mailing list archives
93% of organisations suffered a data breach in 2013
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 18 Dec 2013 00:33:22 -0700
http://www.itproportal.com/2013/12/16/93-of-organisations-suffered-a-data-breach-in-2013/ Some 93 per cent of large organisations experienced a security breach last year, according to a new survey commissioned by the UK Government's Department for Business, Innovation and Skills (BIS). This figure has remained largely unchanged since the 2012 report. However, smaller businesses saw an 87 per cent mark-up in data breaches, up from 76 per cent the year before. This supports the comments of some security experts, who claim that small to medium businesses have a false sense of cyber-security. The overall numbers of attacks also increased, with large companies experiencing an average of 113 breaches, and smaller enterprises reporting an average of 17. Both of these numbers are up by almost 50 per cent on 2012 figures. What's worse – the financial burden of data breaches and web-based security attacks has also increased. The worst security breaches are currently costing large companies an average of £450,000 to £850,000 each, while smaller businesses typically experienced losses of between £35,000 and £65,000. These shocking costs are brought about by attacks originating both inside and outside the organisations affected. Some 78 per cent of large organisations reported attacks from outside the business over the last year, with 39 per cent of those incidents being distributed denial of service (DDoS) attacks. Something that enterprise leaders should be particularly aware of is the fact that 36 per cent of data breaches were down to simple human error, a figure that highlights the importance of proper training and education surrounding the risks facing the average member of staff. While most large companies now have a written data security policy, understanding of these policies is often shamefully low, according to the survey's findings. Companies whose employees had been educated in the dangers of data breaches, and what they could do to prevent it, enjoyed a reduction in data breaches by as much as a half. The findings are particularly relevant as the number of high-profile data breaches occurring in 2013 has been truly startling. Adobe, Australian dating company Cupid Media, racing news site The Racing Post, as well as JP Morgan, and even the UK Home Office have all suffered catastrophic data breaches in the last three months alone.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- 93% of organisations suffered a data breach in 2013 Audrey McNeil (Dec 19)