
company insiders responsible for over 90% of data breaches



cheka.
26th September 2015, 11:29 PM
won't see this on the nightly news $^^^$

http://www.lexology.com/library/detail.aspx?g=9c40e798-ab07-412d-be94-690acdfa7f0e

Nearly every day, the news media tells us about the consequences of the latest attack from sophisticated groups of foreign and domestic hackers. These shadowy groups gain access to treasure troves of personal information that is sold on the black market or used to embarrass and blackmail individuals.

It’s a compelling story, one that sells advertising, racks up page views, and can even be made into a Hollywood blockbuster. But such media reports don’t address and often obscure the real security risks every organization faces. So what are the day-to-day risks that your organization should address in its data privacy plan?

Recently, Verizon released their 2015 Data Breach Investigations Report. The report is a comprehensive look into what organizations should do to protect customers’ personal information. Data breaches, which the report defines as any “incident that resulted in confirmed disclosure (not just exposure) to an unauthorized party,” occurred across practically all industries, but were confined to just a handful of common ‘types’ of breaches. The report separates data breaches into nine distinct categories: crimeware, cyber-espionage, denial of service, physical theft/loss, miscellaneous errors, payment card skimmers, point of sale, insider misuse, and webapp attacks.

Given the media reports, it’s obvious that external cyber threats are the top categories on which to focus your organization’s data privacy efforts, right? Surprisingly, in the healthcare industry, where personally identifiable information (such as social security numbers, dates of birth and addresses) and highly confidential personal health information (such as medical records and health insurance information) are readily available, external intrusions such as cyber-espionage and webapp attacks account for only 13% of the data breaches … combined.

Far more prevalent threats are physical theft/loss (16%), miscellaneous errors (32%), and most importantly, insider misuse (26%). And, these trends predominate across all industries. In fact, breaches caused by mistakes or purposeful misuse by an organization’s employees account for 90.4% of all reported security incidents.