Data Breaches Set to Rise in 2015

Author: Thu Pham, Information Security Journalist, Duo Security

2015 is likely to be ‘as bad or worse’ for large-scale data breaches than 2014, when a series of incidents at large companies exposed the sensitive information of millions of people and businesses, according to a new report.

The Ponemon Institute report 2014: A Year of Mega Breaches, argues this year is likely to be worse than last year because more information and transactions are being moved to digital environments where they are vulnerable to attack.

In 2014, a range of companies – including Target, eBay, JPMorgan Chase & Co., Staples and Sony Pictures Entertainment experienced what the Ponemon Institute described as ‘mega breaches’. The research firm surveyed 735 IT and IT security practitioners about the impact of the Target breach in late 2013, and other major breaches, on IT budgets and compliance practices. The survey also covered business and government organisations’ own experiences with data breaches.

The report – which included interviews with organisations in a range of industries, including finance (18 percent of respondents), federal government bodies (9 percent of respondents), tech and software (8 percent of respondents) and retail (7 percent of respondents) – found data breaches were felt in nearly every industry over the past year.

The researchers said the Target breach had prompted senior management to allocate more sizeable budgets to security; 61 percent of respondents said their security budgets had increased by an average of 34 percent.

Asked about the key steps their organisations had taken in response to mega-breaches, 72 percent of respondents agreed they had provided the tools and personnel to contain and minimise breaches. Sixty nine percent of respondents agreed their organisations had invested in the ability to quickly detect breaches, while 67 percent agreed their organisations had allocated the budget necessary to defend their data from incursions.

The top technology investments made in response to mega-breaches included security incident and event management (SIEM) solutions (50 percent of respondents said their organisation had invested in these solutions), endpoint security (invested in 48 percent of respondents’ organisations), and intrusion detection and prevention (44 percent). Only 29 percent of respondents reported investing in identity and access management tools.

The researchers also probed further into the data breaches experienced by nearly half (45 percent) of the respondents’ organisations in the last 24 months. Focusing on the one data breach at each of those organisations that had the most serious economic impact on them, the Ponemon Institute found that customer account data was compromised in 68 percent of cases, and customer data in 65 percent. The organisation’s own intellectual property was the third most compromised type of information, but well behind the first two at 28 percent. 

How can you notify others if you don’t know yourself?

Organisations’ ability to notify regulators and customers of a data breach can be hampered by their own lack of understanding of when, where and how the incident occurred. This lack of understanding can also stop them making the right decisions about where to strengthen their IT defences.

Of respondents from organisations that experienced one or more breaches in the last 24 months, 20 percent could not determine when the breach was discovered, while another 15 percent did not detect the breach until more than two years later. Even harder for organisations to identify was the location of the breach − 55 percent were unable to determine where exactly they were breached. A further 20 percent of respondents were unable to say when the breach was resolved.

Of those organisations that found the root cause of the breach (where malware was all or part of the cause in 44 percent of cases, a trusted advisor all or part of the cause in 30 percent of cases and a hacker involved in 27 percent of cases), nearly 46 percent did so by accident. Fifty seven percent of those organisations that found the root cause of the breach implemented security training, 54 percent enhanced security monitoring and 38 percent deployed additional security tools.

Reputational damage significant

Almost half of respondents from organisations that experienced one or more data breaches in the past 24 months ranked lost reputation, brand value and marketplace image as a result. They also lost time and productivity (reported by 42 percent of respondents from companies that experienced data breaches), as well as revenue and customers (reported by 42 percent). The cost of newly purchased technology also added up, being reported by 38 percent of respondents in this category.

Read more: Defending Your Castle from the Inside: Data Breaches and How to Minimise Their Impact

The cost of notifying affected individuals also impacted breached companies (nominated by 27 percent of organisations that had experienced one or more data breaches). Other expenses included engaging external consultants and attorneys (an issue for 23 percent of organisations).

Free guide to retail security

The Ponemon Institute report revealed that the Target incident had prompted senior management teams at most companies to treat information security much more seriously.

More than half (55 percent) of respondents believed senior management at their organisation were extremely concerned about a data breach following the incident, compared to only 13 percent beforehand.

Management teams at retail companies that collect and process large volumes of the customer data prized by information security attackers have particular cause to review their systems and processes. To navigate the risks to this industry in particular, please check out this free guide.

The online booklet provides a detailed overview of retail's state of security and incorporates recommendations on safeguarding customer financial information.

About the author

Thu Pham covers current events in the tech industry with a focus on information security. Prior to joining Duo Security, Pham covered security and compliance for the infrastructure as a service (IaaS) industry at Online Tech. Based in Ann Arbor, Michigan, she earned her BS in Journalism from Central Michigan University.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join the CSO newsletter!

Error: Please check your email address.

Tags Intrusion and detectiondata breachesPonemon Institute report 2014: A Year of Mega Breachesattacksendpoint securityTarget breachSIEM

More about CSOeBayEnex TestLabSonyStaples

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Thu Pham

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts