2015 Data Breach Forecast, A Year in Review
November 18, 2015 | DevOps | joanna mastrocola
Not all publicity is good publicity, that’s no secret. As more and more data breaches make headlines, consumers and executives are hopefully starting to get the message that security needs to become a priority or there will be costly repercussions.
Early in 2015 Experian published its second annual data breach industry forecast. It predicted that executives would start to take cybersecurity more seriously and take more steps to make sure proper solutions were in place to mitigate or eliminate risk. As we head toward the holidays and begin thinking about 2016, it is helpful to look back and learn from the mistakes and mishaps that occurred. Since 2015 was the year of breaches such as Ashley Madison, Hilton Hotels, and OPM there are plenty of examples to study.
Experian explains that it is difficult to prevent breaches as hackers are ahead of the curve in terms of new technologies; they are already planning on hacking systems most enterprises haven’t even adopted yet. The new chip technology for credit cards was announced early in 2015, with most companies adopting the chip cards in October. Since hackers have known department stores would make the switch it is likely that over the past year they have been searching for, and finding, vulnerabilities in the new, seemingly more secure payment system.
As the holidays are fast approaching more people will be using credit cards. There is such a sense of security in these new cards that people might be less careful with their information and less likely to notice suspicious activity on their credit card statements. Although it is great that retailers and credit card companies are making the switch to chip enabled payment, they must take additional steps to secure consumers’ private information.
Experian also predicted that 2015 would have an increase in breaches related to the healthcare industry. As the healthcare industry moves toward electronic record keeping, and holds some of patient’s most sensitive data, it is easy to understand how they are one of the biggest targets. Experian’s prediction was correct, the healthcare industry had the most data breaches in 2015, these incidents also exposing the most records. The Anthem breach, in which 78.8 million records were leaked, was the one of biggest healthcare breach of 2015.
In its research Experian found that in 2014, 73% of companies worked to create a data breach response plan. This confirms that businesses believe they have permeable weaknesses in their IT environments. Although creating a response plan is a step in the right direction, it really shouldn’t be the first, or only step, toward better security.
We should be focused on systems and applications that prevent data breaches before they happen. We need ahead of the curve technologies that will allow us to keep up with cyber criminals instead of remaining a step or two behind them. Experian published this study publicly; if companies had read it and taken the warnings and predictions seriously many of these breaches could have been prevented, or at least detected sooner.
Although it is helpful to find out that our information has been compromised as soon as possible, what steps can we really take if things like social security numbers have been exposed? As it is typical for breaches to be discovered years after the fact, we, as consumers, are left with even less options. Although it is great that businesses are working to create appropriate response plans to these types of hacks, this can’t be their only step toward pushing for better security; this cannot be the final solution.
With our current focus on increased automation, the Internet of Things has made us more prone to attacks in 2015 and will continue to do so in 2016 if certain preventative measures aren’t in place. For more information on securing your infrastructure check out this case study in which we outline how to manage, secure, and audit permissions across an entire cloud infrastructure.