DATA BREACH MANAGEMENT AND RESPONSE

For all companies, the importance of being prepared for a data breach continues to rise. Cyber attacks can bring significant adverse consequences to an organisation. The level of readiness is likely to have a material bearing on the extent of the impact.

2021 was a record year for cyber attacks. In the US, the number of data breaches jumped 68 percent compared to 2020, reaching a level 23 percent higher than the previous all-time high, according to Identity Theft Resource Center (ITRC). A report by ProPublica reveals that 2021 saw the theft of 300 million customer service and device records from one company, 59 million email addresses and personal data from another company, and a 17.6-million row database from a third.

2022 has continued in the same vein. Data breaches in the first quarter of the year were up 14 percent over 2021, according to ITRC. That makes three consecutive years of Q1 increases. Stolen or compromised credentials were used to effect 19 percent of attacks, with phishing at 16 percent and cloud misconfiguration at 15 percent.

Between January and March 2022, there were 404 publicly reported data compromises, with phishing and ransomware attacks once again the most common types of intrusions. The healthcare, financial services, manufacturing, utilities and professional services sectors suffered the most breaches in the period.

Meanwhile, the financial impact of falling victim to a data breach is higher than ever. The average cost of a data breach increased 2.6 percent from $4.24m in 2021 to $4.35m in 2022, according to IBM’s Data Breach Report featuring research by Ponemon Institute. In 2022, the average cost was $3.86m.

Jan-Mar 2023 Issue

Richard Summerfield

Join our free mailing list to read the full article