The United States has experienced a worrying surge in data compromises in recent months, and there’s reason to believe the problem will worsen.
Publicly reported cases of data compromises spiked 114% in the second quarter, according to the Identity Theft Resource Center (ITRC). Those 951 incidents were the most the ITRC has ever seen in a single quarter.
The first half of 2023 had 1,393 data compromises, more than the annual total for any year between 2005 and 2020 except for 2017, 2021 and 2022.
If data compromises continue to occur at this rate, 2023’s year-end total will pass the all-time high set in 2021.
The ITRC report noted several other concerning trends:
Every industry included in the study reported an increase in data compromises.
The more sensitive a company’s data, it seemed, the more likely it was to be targeted.
The healthcare sector represented 379 incidents, more than any other. It had more than double the number reported by this point in 2022.
Financial services, the second most targeted vertical, recorded 241 incidents during the first half of this year, not quite double the total from the first half of 2022.
Phishing and ransomware were the most commonly identified methods of cyberattacks.
They represented 246 (phishing) and 131 (ransomware) incidents during the first half of 2023. That’s about how many cases were reported by the same point in 2022. Malware, the third most common attack vector, nearly doubled, from 47 to 89 cases.
Cyberattacks weren’t the only cause of data compromises.
System and human errors, like failing to configure cloud security correctly, represented a significant number of cases — 311, or almost five times what was reported in the first half of 2022.
Not all causes for data compromises were reported.
The IRTC reported 534 incidents over the first six months of 2023 with a cause of “not specified,” more than any other single category.
How can businesses reduce their odds of being attacked?
Start by implementing more basic cybersecurity tactics. Not only are these relatively quick to complete, but they also tend to be very cost-effective.
- Conduct a basic security audit and risk assessment. Your IT team or your cybersecurity contractor can help you develop a clearer picture of your specific risks. If a bad actor decided to target your system, how would they break in? What are some best practices (such as having a patching policy) that would make your network a harder target? Ideally, you should conduct this assessment at least once each year.
- Upgrade your keyword and login rules. Remind your team to set up distinctive keywords for each of their logins. Don’t let them reuse the same password across multiple apps and sites because, if one of those platforms is compromised, it could undermine the security of all the others. It’s also a good idea to require team members to use multi-factor authentication (MFA) whenever available for the apps and sites they access.
- Set aside time for staff training. Train your team members to correctly identify the most common forms of cyberattacks and what they should do as a response. Ideally, training should occur as part of each new hire’s onboarding and once a year as a refresher for all employees.
- Make sure you have set up logging functions and support them with sufficient storage. Your most important software and platforms probably have a logging function that records critical events, such as data entering and leaving your network. That can be critical to identifying how a data breach occurred and preventing it from recurring. Make sure logging is on, and set up your account so that it has several months of storage — after all, months could pass before a breach is uncovered
What about organizations that already have those systems in place?
Some companies — especially those with a higher risk profile and highly sensitive information — may want to invest in more advanced security strategies to identify potential weaknesses before a bad actor can take advantage of them.
- With penetration testing, for example, security contractors will look for as many potential weaknesses and try to exploit them, so they ultimately can be fixed.
- Red team testing goes a step further. A dedicated “red team” —- usually a group of external security experts — tries to quietly breach your system to see how or if your team would respond.
Both tests can uncover potential dangers, but should only be undertaken after more basic security improvements are first implemented.
How Digital Silence can help
If your organization wants to assess your current cybersecurity, educate your teams, or run a penetration test, let’s talk. If you need immediate incident response for a data breach, call our hotline: 888.S1LENCE.