Data breaches are increasingly prevalent and the rise of new tech like mobile payment apps, home and office assistants and many more open our likelihood of a cyber attack. The news lately seems to cover hackings for large scale hacks like the recent Marriott attack to smaller attacks on local businesses. Something businesses have at their advantage are the trends and patterns hackers leave behind after hacks. Looking at things like the most hacked industries and the most compromised data types gives us more insight into what hackers want, what information is most valuable and what we should prioritize the most when we’re putting together our cybersecurity strategy.
For example, Human error is a common theme among hacks. A robust cybersecurity system is meaningless if an ill-informed or malicious employee is able to change a few settings. This is an especially rampant issue in the healthcare industry since 34 percent of their breaches are a result of human error. To combat this, all companies (but especially those in the healthcare industry!) should instill a security culture starting with top leadership and trickling down to all employees. Leading by example is key to enforcing new regulations and protocols.
A pain point that some may reach is the intangibility of preparation and investment in cybersecurity is not something immediately rewarded. One way to shift this mindset is to focus on how much time and money is saved with a comprehensive cybersecurity solution in place. Companies that take less than 30 days to contain a breach save $1.16 million dollars in comparison to companies that took longer. In the unfortunate event of a data breach, the difference between days and weeks of recovery lies in a company’s preparedness.
There are surprising stats is that hackers go after personal data more than financial data in the financial sector. This could mean that these businesses need to shift their focus to where and how their customer’s personal data is stored and prioritize it. Another stat that may be surprising is that the top inside threats to a company are system admins. This means that the employees most likely to hack from the inside are the ones you trust the most and have the most access to your systems. This can be a sign to take a look at who has access to what and where permissions should be restricted. It can also be an indicator that you should keep a closer look at what files your employees are accessing every day.