Fewer, but larger, cybersecurity breaches reported in 2016
NEIL COSSER Additional cybersecurity measures, such as transaction authentication, behavioural analysis, multiple forms of two-factor authentication and layered security, improve security for users while providing a good user experience
While the total number of cybersecurity breaches reported in 2016 was down by 4%, compared with the previous year, the number of records lost increased by 86%, compared with the previous year, says cybersecurity firm Gemalto data protection research and development director Joe Pindar.
About 1.378-billion records were stolen during 2016, equal to about 3.77-million a day, or 43 a second, he elaborates. The larger volumes of records lost, coupled with the fact that 68% of attacks are from “malicious outsiders” – or cybercriminals – indicate the impact of criminal networks and that they are becoming more efficient at identifying large databases to attack.
Breach prevention does not constitute an effective defence strategy. Therefore, additional defensive measures, including encryption of data in storage, will mean that breaches that do occur will more often be secure breaches, which are breaches that involve the loss of well-encrypted information and pose a minimal risk to those affected, explains Pindar.
Securing data as part of business processes and according to a well-defined strategy is the most effective cybersecurity defence, says Gemalto Africa regional sales manager Neil Cosser.
Implementing additional measures, such as transaction authentication, behavioural analysis, multiple forms of two-factor authentication and other layered security, is an effective way of improving security for users and providing a good user experience.
“Large repositories of records represent proverbial gold mines for cybercriminals, because they mine the databases of records for high value and high vulnerability targets. “Cybercriminals often sort through the databases by processing the information against other databases, such as determining the average wealth of people and companies by processing known addresses compared to the affluence of residential or commercial areas,” says Pindar.
Worryingly, more than half of the reports about breaches did not include the number of records lost. This illustrates the continuing trend of companies not prepared to be open about breaches, which heightens the risks for companies, clients and individuals whose records have been lost, as they cannot mitigate exposure and risks, says Pindar.
Best practice to protect those affected, whether customers or not, is to be candid and swift in letting them know, as well as advising on the measures they should take to mitigate risks and the actions the breached company is taking, he emphasises.
Swiftly communicating breaches might lead to a dent in a company’s reputation. However, not being honest and being caught out will lead to severe reputational harm. Best practice when dealing with breaches is to communicate effectively and provide details of the types of records lost so that those exposed can take corrective actions.
“A standout example of effective breach management is that of ABTA, in the UK, which communicated with all the affected parties and also set up a helpline where they could get information and advice, and detailed the additional measures ABTA put in place.”
Compared to other publicised breaches where companies did not voluntarily disclose or belatedly disclosed the breach, the incident passed after two days as a result of their effective response without lasting impact to the brand, he says.
A company that did not respond effectively lost a third of their clientele, as a result of damage to the brand and a loss of trust, concludes Pindar.
Comments
Press Office
Announcements
What's On
Subscribe to improve your user experience...
Option 1 (equivalent of R125 a month):
Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format
Option 2 (equivalent of R375 a month):
All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors
including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.
Already a subscriber?
Forgotten your password?
Receive weekly copy of Creamer Media's Engineering News & Mining Weekly magazine (print copy for those in South Africa and e-magazine for those outside of South Africa)
➕
Recieve daily email newsletters
➕
Access to full search results
➕
Access archive of magazine back copies
➕
Access to Projects in Progress
➕
Access to ONE Research Report of your choice in PDF format
RESEARCH CHANNEL AFRICA
R4500 (equivalent of R375 a month)
SUBSCRIBEAll benefits from Option 1
➕
Access to Creamer Media's Research Channel Africa for ALL Research Reports on various industrial and mining sectors, in PDF format, including on:
Electricity
➕
Water
➕
Energy Transition
➕
Hydrogen
➕
Roads, Rail and Ports
➕
Coal
➕
Gold
➕
Platinum
➕
Battery Metals
➕
etc.
Receive all benefits from Option 1 or Option 2 delivered to numerous people at your company
➕
Multiple User names and Passwords for simultaneous log-ins
➕
Intranet integration access to all in your organisation