Data Breaches WAY Up In 2008; 90% Of Them Easily Preventable
According to a new Verizon study, 2008 saw more instances of data breaches than the preceding four years <em>combined</em>. And considering how easily most of those breaches could be prevented -- but weren't -- my guess is that 2008 won't hold the record for long.
According to a new Verizon study, 2008 saw more instances of data breaches than the preceding four years combined. And considering how easily most of those breaches could be prevented -- but weren't -- my guess is that 2008 won't hold the record for long.The new Verizon Business Security Solutions study of data breaches found 285 million individual records compromised as a result of 90 confirmed breaches.
The vast majority of the breaches, according to the study, stemmed from servers and applications, not desktops or mobile devices.
And a whopping 90% of the breaches could have been prevented by implementing and following standard, basic, fundamental security practices and procedures.
We're talking the real basics here, folks:
Change default credentials
Don't share credentials
Patch immediately and comprehensively upon patch availability
Review user accounts regularly
Terminate IT access thoroughly when employees are terminated
Log and monitor Web and application access
This stuff is so fundamental that the fact that it's not in place among the organizations breached is a reminder of just how lax, how sloppy, and how vulnerable our records are at some businesses.
Not yours, one hopes. Small and midsized businesses can learn a lot from the bigbiz mistakes that enabled (sic) the record number of breaches last year (a record that, my bet is, will probably be broken this year)
Take some time, now, to review your security practices, procedures, and policies from the ground up, making sure that all your fundamentals are in place.
And once that's done, keep an eye on them.
The complete Verizon Data Breach Report is here.
And speaking of fundamentals, bMighty's upcoming online event exploring Security On A Budget will be looking at affordable, practical ways for small and midsized businesses to implement and maintain the very sorts of security fundamentals (and more) discussed above. Register now:
bMighty bSecure is a virtual event designed to help your company stay secure in the most cost-effective way possible. bMighty and InformationWeek editors will bring together SMB security consultants, analysts, and other experts, along with real IT execs and users from small and midsize companies to share the secrets of keeping your company secure without breaking the bank.REGISTER NOW! |
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024