What are the Top Causes of Data Breaches?
In a perfect world, you would never have to worry about your company being the victim of a data breach.
Some people consider 2016 "the year of the data breach" and it's easy to see why: many of the biggest brands in the world were hacked, thus leading to high-level security concerns as well as lost time and money.
Here is a short list of some of the top data breaches and hacks of 2015 and 2016:
- Yahoo! - December 2016
- MySpace - May 2016
- LinkedIn - May 2016
- Scottrade - October 2015
- UCLA Health - July 2015
As you can see, no industry is safe. From tech to financial to healthcare, a hacker can target any company, regardless of size.
Patterns of Behavior
It's one thing to understand that hackers are always on the lookout for their next big "project." It's another thing entirely to understand their pattern of behavior.
According to the 2016 Verizon Data Breach Investigations Report, "95% of breaches, and 86% of incidents are covered by just nine patterns."
It doesn't matter if you're an IT professional, C-level employee, or an entry-level worker, it's important to understand these patterns. With this knowledge, you can take steps in preventing disaster from striking your company.
Now, let's examine the nine patterns:
- Miscellaneous errors - 17.7 percent
- Insider and privilege misuse - 16.3 percent
- Physical theft and loss - 15.1 percent
- Denial of service - 15 percent
- Crimeware - 12.4 percent
- Web app attacks - 8.3 percent
- Point-of-sale intrusions - 0.8 percent
- Cyber-espionage - 0.4 percent
- Payment card skimmers - 0.2 percent
Note: the remaining 13.8 percent includes patterns not detailed above.
Now that you understand the most common causes of data breaches, it's time to learn more about preventing each pattern from occurring within your company.
As noted, miscellaneous errors are the top cause of data breaches. Generally speaking, this includes any mistake or unintentional action that compromises security. This can be as simple as a basic mishap by an employee who's not informed as to what they should and should not be doing in regards to security.
You can protect against this by:
- Educating employees on matters of security and what they can do to help.
- Strengthening controls across the board, such as the use of data loss prevention software.
- Implementing a comprehensive disposal procedure.
As you make your way through the list of patterns, each one will present its own challenges and potential safeguards. Furthermore, even if the patterns remain the same, the percentage of incidents will rise or fall based on vulnerabilities and hacker activity.
An example of this is the continued growth and implementation of web apps. If your company is relying on an e-commerce platform or content management system, for example, this is an area of concern in 2017. The growth of this space alone will attract plenty of attention.
Small businesses are sure to face a variety of security challenges in 2017. Understanding the top causes of data breaches and implementing the right tips can help keep your company safe over the coming months (and beyond).
SurePayroll takes account security seriously, and we're rolling out Enhanced Security on customer accounts over the next several weeks. When you receive your notification, be sure to take a minute to set up your Enhanced Security preferences.