The Online Trust Alliance (OTA) has released their 2014 Data Protection and Breach Readiness Guide which also contains some harrowing estimated statistics about the number of data breaches that occurred in 2013.
Using statistics from the Open Security Foundation and the Privacy Rights Clearinghouse, the OTA estimated that over 740million records were exposed online during 2013. If these estimates are correct, then the number of data breaches that occurred in 2013 is a new record high.
In the first half of 2013 alone, there were over 500 data breaches. The OTA believe that at least 89% of these data breaches could have been avoided as many businesses didn’t even have the most basic security controls in place. If a company doesn’t have the basic security controls in place, how can they expect data protection practices to be implemented and followed correctly?
Washington State Attorney General Bob Ferguson stated, “Businesses and organizations have a responsibility to protect consumer privacy and prevent data breaches from aggressive cyber thieves. Consumers deserve to know who they can trust. The Online Trust Alliance arms organizations with critical information to reduce cyber risk and protect consumers.”
As hackers and cyber thieves are constantly developing more sophisticated methods of attack and increasing the frequency of attacks, it is not too surprising that the number of data breaches has increased. It has become very important that businesses take responsibility and ensure that they have a flexible proactive approach to data security to help minimise the risk of suffering from a data breach.
Tim Rohrbaugh who is the VP of Information Security for Intersections Inc. and OTA Board Member stated, “Data breaches are nothing new and have been around for quite some time; however, what we are seeing is a significant increase in incidents that not only harm consumers, but businesses as well, leading to a breakdown in consumer trust. Having a rigid, black and white approach to security controls and monitoring and being unprepared for an incident will cost businesses more in the end.”
Businesses need to start taking responsibility for the safety of their data and to ensure that policies and practices are followed strictly to help minimise the potential risk of suffering from a data breach.
Craig Spiezle who is the executive director and president of the Online Trust Alliance stated, “Consumers and businesses are both victims of rapidly escalating hacking attacks, and as stewards of consumer data it’s incumbent on businesses to adopt best practices to help protect consumers from harm. Those companies that fail to do so need to be held accountable, by consumers, regulators and stockholders.”
As part of a data security plan and to be best prepared, a robust backup solution needs to be in place. This will ensure that data can always be recovered no matter what action a hacker or cyber thieves takes such as modifying or deleting the data.