The rising tide of known cyber threats and the mainstreaming of cybercriminal activities have created an undercurrent of concern: Are we doing enough to defend against known malware, ransomware and data breaches? And “where” will the next big threat come from?
It seems that cybercrime has hit mainstream, as ransomware alone became a $1 billion crime in 2016. According to ATT’s report, “The CEO’s Guide to Navigating the Threat Landscape,” 90% of organizations reported that they had at least one malware-related incident within the past year, while 63% were hit with a ransomware attack.
Even with the high percentage of attacks, threat intelligence data gathered in ATT’s report reveals that 90% of attacks that organizations see across their networks are known threats. So if these threats are known, with the tools and skills needed to protect against cyber threats readily available, why are organizations continuing to get hit hard with data breaches?
“Part of the challenge is the increasing volume of cyberattacks. The mainstreaming of threat methods has made it easy for anyone — from a nation state to a bored high school student — to launch an attack on your organization. They search for weak spots to exploit across your workforce, your partners, and your IT systems. Adding to the challenge, widespread adoption of emerging technologies such as the Internet of Things, cloud technology, and mobile devices provide new points of entry for cybercriminals to exploit using tool kits easily acquired on the Dark Web, an alternative gateway to information and communication on the internet.”
While many security pundits focus on the unknowns of cyberattacks, ATT’s study claims that “organizations are better off focusing on the knowns: the documented forms of malware and commonly used tactics that make up the vast majority of cyberattacks.”
“We aren’t suggesting that you should ignore the emerging unknowns of the threat landscape. But by defending against the most prevalent and well-known forms of attack — using established practices and commonplace protection tools — your organization will be a less attractive target for cyberattacks in 2017 and beyond.”
When planning for the year ahead, ATT’s security experts say that an organization’s priorities should include:
- Risk and vulnerability assessments. Knowing what you need to protect and where your vulnerabilities exist are critical first steps in a comprehensive cybersecurity strategy.
- Automation tools. Stay focused on the basic detect-and-respond defenses required to help protect against known threats. The rising volume of known threats also requires a shift toward automated technologies that help improve the pace and scope of your response.
- Awareness. Employee awareness training and governance policies must be regularly refreshed to keep best practices top of mind among all constituents.
How are Data Breaches Detected?
Even with organizations putting a spotlight on security, the number of reported data breaches only prove that organizations are having a difficult time keeping up with the tsunami of cyber threats. In the UK, cyber fraud has surpassed all other crimes in the region in 2015, and the U.S. is believed to be even worse, with experts estimating that cybercrime is larger than the narcotics trafficking industry.
With a troubling prevalence of malware attacks occurring across the globe, it has become more evident that existing methods to combat cyber fraud are not catching all of the attacks – and organizations are finding out all too late that they have been hacked.
Which begs the question – how do organizations find out they have been breached? Too often, by a variety of sources outside of the organization.
ATT’s survey showed 25% of organizations that had suffered a data breach were notified of the incident by law enforcement, and 21% were notified by customers. When a breach is discovered by an outside source, as survey evidence indicates, a majority of data breach victims either don’t have adequate systems or managed security services that would help them self-detect data breaches.
Take Yahoo’s data breach as an example. In December 2016, Yahoo revealed that a hack that occurred in 2013 had compromised over 1 billion accounts, with the original tip coming from law enforcement – a daunting trend considering how many organizations are connected to networks that include partners, customers and suppliers.
With digital advancements, you would expect to see some progress in halting cybercrime, but data breaches continue on an upward trend, showing us the opposite. For example, there were a total of 1,093 data breaches reported by the Identity Theft Resource Center (ITRC) in 2016, compared to 781 data breaches in 2015. Data protection remains a big challenge in modern multi-faceted businesses, and unfortunately, many well-known organizations have managed to get a place in the top data breaches of 2016.
How Much Does a Data Breach Cost?
This is a tricky question, involving many variables and factors that frequently change – but the answer shows the cost continues to rise. IBM and Ponemon’s 2016 Cost of Data Breach Study, which conducted 1,500 interviews in 16 different industries throughout the world, produced some staggering results. The study showed:
- The average cost of a data breach totaled $4 million, up 29% since 2013
- The average cost per record in a data breach came in at $158, but varies by industry – with healthcare at a staggering $355, retail at $172 and transportation organizations at $129
- Of the 383 organizations that were part of the study, 48% of those breached were the result of malicious attacks – such as malware or ransomware
The costs of detection and escalation surrounding data breaches are growing, which leads to the next question – will it happen to you? Ponemon’s study says that there is a 26% likelihood of a breach happening to an organization over the next 24 months.
What Can Organizations do to Protect Themselves?
Savvy companies that have embraced cybersecurity practices are taking steps to hold down breach costs. Ponemon’s study shows a reduction in the cost of a breach when the following steps are taken:
- Appointing a Chief Information Security Officer saved $7.00 per record
- Business Continuity Management saved $9.00 per record
- Participation in threat sharing saved $9.00 per record
- An incident response team saved $16.00 per record
- Organizations using extensive use of data encryption saved $13.00 per record.
Organizations of all sizes will continue to fall victim to fraudsters who infiltrate their networks and point of sale (POS) systems to steal clear-text cardholder data, and encryption is key to rendering data useless to hackers.
Bluefin, the leading provider of secure payment technology for retailers, enterprises and small to medium-sized businesses worldwide, specializes in PCI-validated Point-to-Point Encryption (P2PE), which encrypts cardholder data at the Point of Interaction (POI), preventing clear-text cardholder data from being present in a merchant or enterprise’s system or network where it could be accessible in the event of a data breach.
Learn more on Bluefin’s P2PE, and save your organization from becoming the next data breach statistic.