Data Breach Trends in 2012
In an interview conducted by Manila Standard Tech, Symantec Philippines senior country manager Luichi Robles said data breach incidents and the number of identities stolen have both taken a dip, but remain on an upwards trend for the year 2012.
According to Symantec’s analysis, the overall number of attacks in 2011 and 2012 was about the same. However, the number of records stolen in the biggest attacks in 2011 was much larger. The top five breaches in Symantec’s 2011 data set all registered in the tens of millions of identities. In 2012, only one breach registered above 10 million.
In 2011, a number of high-profile data breach cases resulted in millions of identities stolen by cybercriminals. From January to August 2012, the average number of breaches per month was down slightly, but not by a statistically wide margin. The average number of breaches per month was 16.5 in 2011 (in the last 8 months of 2011), while in 2012 this number dropped to 14 breaches.
“We also see that in terms of the average number of identities stolen per breach there is actually a very significant drop recorded. In the last eight months of 2011 the average number of identities stolen was 1,311,629 per data breach. In 2012 (up to August 2012), this number is down to 640,169 identities per breach—that’s a drop of more than half,” Robles said.
While it is difficult to pinpoint why there are fewer breaches of the size seen in 2011, it could indicate that the string of high-profile attacks which garnered much attention last year made companies more aware of their own IT security vulnerabilities. Many companies could have taken steps to shelter important assets such as their customer record databases from Internet attacks, according to Robles.
In a Symantec Philippines report, the average number of identities stolen was 1,311,629 per data breach in the last eight months of 2011. In 2012 (up to August 2012), this number is down to 640,169 identities per breach—that’s a drop of more than half.
While the overall average number of identities stolen is down, the core number of identities stolen, when accounting for variance, is increasing over time. “This could indicate that the attackers are going after more select, targeted batches of data, as opposed to making off with big-number caches of data,” Robles said.
Cybercrime is not the only reason behind data breaches and stolen identities. Many employees would likely have faced the theft of company laptops containing sensitive information before, especially when travelling or moving about. The perpetrators may have only wanted to resell the laptop for profit, but further prying into the laptop’s information could easily lead to data breach incidents.
Other times, hardware such as USB thumb drives is simply lost or misplaced, never making it back to the owners’ hands. In some other cases, poor coding and lack of security on certain websites may also accidentally expose sensitive private data to the public.
When it comes to identities stolen through data breaches, however, hackers remain overwhelmingly the main cause, accounting for a whopping 88% of all identities stolen through data breaches in 2012. In general, hackers are still responsible for the highest number of data breaches at 40.6%. In addition, data breaches were also driven by other factors such as accidental exposure of data (21.4%), theft or loss (18.8%) and insider theft (8.0%), Symantec said.
Industries most affected
Within the different industries, the sector which has suffered the highest number of identities exposed in 2012 is the retail industry. 40% of identities stolen originated from this sector, compared to 15% for the second-place Telecom industry.
On the flip side, looking at the number of data breaches that occurred, the healthcare industry was actually the most targeted industry of the lot, even though the number of identities stolen from this particular industry is exceedingly low at 2.7% of the overall number of identities exposed. Given the sensitive nature of medical records, this is a perfect example of a high number of attacks that result in small numbers of highly sensitive records being exposed.
Data breaches are no doubt a serious issue for any and every organisation around the world, particularly in the increasingly connected and globalised environment. The exposure of sensitive information can very easily lead to a significant loss of confidence in the organisation by its customers.
According to Symantec’s 2012 State of Information Survey, Philippine organizations have highlighted that the impact of data loss would include lost customers (52%), damage to the brand (62%), increased expenses (48%), and decreased revenue (48%).
Companies need to assess their risks by identifying and classifying confidential information. In the era of unprecedented information growth, separating the sensitive and useful information from the redundant and unimportant ones can prove to be an uphill task if not done consistently and efficiently.
“It is important that employees are educated on information protection policies and procedures so that everyone in the company knows exactly how to deal with company information, especially sensitive private data. They need to be held accountable to ensure that accidental data breaches or malicious insider attacks can be prevented,” Robles said.
Data loss prevention technologies are crucial for organisations as they enable policy compliance and enforcement on a company-wide level and provide a strong first line of defence against leakage of sensitive data, whether accidental or on purpose.
As laptops are a necessity for employees who are constantly on the go, it is important that all information on them is thoroughly and proactively encrypted. With the right implementation, stolen or lost laptops would at least be able to keep all private data and files securely encrypted and thus rendered useless to anyone who tampers with them.
Businesses should not make IT security policies an unnecessary burden on employees already saddled by other tasks and responsibilities. Information protection practices should be integrated into business processes to ensure a seamless standard operating procedure for employees to adhere to. Doing so would make it easier for employees to access the information they need, and harder for future data breaches to occur.