Data Breaches WAY Up In 2008; 90% Of Them Easily PreventableData Breaches WAY Up In 2008; 90% Of Them Easily Preventable
According to a new Verizon study, 2008 saw more instances of data breaches than the preceding four years <em>combined</em>. And considering how easily most of those breaches could be prevented -- but weren't -- my guess is that 2008 won't hold the record for long.
April 16, 2009
According to a new Verizon study, 2008 saw more instances of data breaches than the preceding four years combined. And considering how easily most of those breaches could be prevented -- but weren't -- my guess is that 2008 won't hold the record for long.The new Verizon Business Security Solutions study of data breaches found 285 million individual records compromised as a result of 90 confirmed breaches.
The vast majority of the breaches, according to the study, stemmed from servers and applications, not desktops or mobile devices.
And a whopping 90% of the breaches could have been prevented by implementing and following standard, basic, fundamental security practices and procedures.
We're talking the real basics here, folks:
Change default credentials
Don't share credentials
Patch immediately and comprehensively upon patch availability
Review user accounts regularly
Terminate IT access thoroughly when employees are terminated
Log and monitor Web and application access
This stuff is so fundamental that the fact that it's not in place among the organizations breached is a reminder of just how lax, how sloppy, and how vulnerable our records are at some businesses.
Not yours, one hopes. Small and midsized businesses can learn a lot from the bigbiz mistakes that enabled (sic) the record number of breaches last year (a record that, my bet is, will probably be broken this year)
Take some time, now, to review your security practices, procedures, and policies from the ground up, making sure that all your fundamentals are in place.
And once that's done, keep an eye on them.
And speaking of fundamentals, bMighty's upcoming online event exploring Security On A Budget will be looking at affordable, practical ways for small and midsized businesses to implement and maintain the very sorts of security fundamentals (and more) discussed above. Register now:
bMighty bSecure is a virtual event designed to help your company stay secure in the most cost-effective way possible. bMighty and InformationWeek editors will bring together SMB security consultants, analysts, and other experts, along with real IT execs and users from small and midsize companies to share the secrets of keeping your company secure without breaking the bank.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
What Ransomware Groups Look for in Enterprise Victims
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Everything You Need to Know About DNS Attacks
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks