SafeNet Breach Level Index tracks, ranks severity of data breaches worldwide

Organisations concerned about the spread of new security attacks and compromises will get a real-time view into the current threat profile after security firm SafeNet launched a centralised, global database of breaches classified and analysed according to their level of urgency.

The SafeNet Breach Level Index (BLI) aggregates information about major and minor data breaches into a single interface that allows users to get a better picture of the current threat environment.

Data from incidents recorded during 2013, which have already been loaded into the BLI based on publicly available information, includes details of over 1000 breaches in which more than 575 million data records were lost or stolen. This equates to 1.57 million records stolen every day of the year, or 18 records stolen every second.

Of those, 32 breaches occurred in Australia and New Zealand, representing a total of 42.1 million lost records.

Detailing and classifying security breaches helps bring a level of understanding to the threat profile that has been lacking in the past, according to SafeNet. “Not all breaches are created or should be treated alike," said Prakash Panjwani, senior vice president and general manager for data protection with SafeNet, in a statement.

"The Breach Level Index helps us track and differentiate between an insecure breach, in which customer data is compromised and lost, and a secure breach, where data is stolen but cannot be deciphered by cyber criminals because it is encrypted, rendering it useless to them."

Of the attacks in the BLI database, 57 per cent were caused by malicious outsiders, while accidental loss accounted for 27 per cent of breaches and malicious insiders, 13 per cent.

Hacktivists accounted for just 2 per cent of data breaches, with state-sponsored activity less than 1 per cent.

Healthcare and government records were the most frequently targeted, accounting for 31 per cent and 17 per cent of data breaches, respectively, with financial (15 per cent), technology (11 per cent) and retail (8 per cent) rounding out the top five.

And, while healthcare and government sectors saw the most data breaches, it was the technology and retail sectors that saw the most records exposed (43 per cent and 28 per cent of all records, respectively). Financial records were the most popular target for hackers, accounting for half of all data records exposed.

The BLI emerged from a SafeNet collaboration with analyst firm IT-Harvest that resulted in the creation of an algorithm that the BLI uses to analyse multiple inputs and determine the relative severity of each breach on a scale of 1 to 10. Factors affecting that ranking include the data type, number of records stolen, breach source, and whether or not the high-value data remained secure after the breach was discovered.

“Based on several factors," Panjwani said, "the Breach Level Index will assign a numerical score to indicate the severity of a given breach, and that number will be significantly lower if the organisation in question has successfully limited itself to a secure breach and maintained the integrity of its confidential data.”

The recent high-profile hack of US retailer Target, in which 110 million records were breached, currently holds the number-one spot while the September breach of Adobe Systems (152 million records), December breach of Turkey's Supreme Election Committee (54 million), Cupid Media (42 million) and Korea Credit Bureau (20 million) round out the top five worst attacks on the BLI database.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

Tags data breachesSafeNet Breach Level Index

More about Adobe SystemsAdobe SystemsCSOSafeNet

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place