10 Predictions About the Data Breach Landscape in 2015

 
 
By Chris Preimesberger  |  Posted 2014-12-12
 
 
 
 
 
 
 
 
 
  • Previous
    1 - 10 Predictions About the Data Breach Landscape in 2015
    Next

    10 Predictions About the Data Breach Landscape in 2015

    by Chris Preimesberger
  • Previous
    2 - Payment Breaches Will Rise and Fall
    Next

    Payment Breaches Will Rise and Fall

    With the imminent adoption of EMV chip-and-PIN technology in the United States in October 2015, the window is closing for hackers to easily profit from point-of-sale attacks on brick-and-mortar retailers. EMV stands for Europay, MasterCard and Visa, a global standard for the interoperation of IC (integrated circuit-containing) cards. Retailers can expect a continued influx of payment breaches in the near-term before the new system is implemented late next year.
  • Previous
    3 - More Hackers Will Target Cloud Data
    Next

    More Hackers Will Target Cloud Data

    Cloud services have been a productivity boon for consumers and businesses. However, as more information gets stored in the cloud and consumers rely on online services for everything, the cloud becomes a more attractive target for attackers. In 2015, there will be an increase in hackers targeting online credentials, such as consumer passwords and usernames, to gain keys to the castle, with the strategy that compromising one record can often give access to all sorts of other information stored online. Incident response plans will need to include considerations of how to reset user passwords on a massive scale and send email promptly to all those potentially affected.
  • Previous
    4 - Health Care Breaches Will Face Growing Threats
    Next

    Health Care Breaches Will Face Growing Threats

    The expanding number of access points to Protected Health Information (PHI) and other sensitive data via electronic medical records and the growing popularity of wearable technology makes the health care industry particularly vulnerable to cyber-attacks. Case in point: It was reported that the FBI released a private notice to the health care industry earlier this year warning providers that their cyber-security systems are lax compared to other sectors. Health care organizations will need to step up their security posture and data breach preparedness or possibly face sanctions from federal regulators in 2015.
  • Previous
    5 - Medical Identity Theft Becoming Growing Concern for Consumers
    Next

    Medical Identity Theft Becoming Growing Concern for Consumers

    Along with a rise in health care breaches, medical identity theft remains a top concern among consumers as cyber-criminals look to capitalize on the bigger payout for PHI on the black market. Industry reports reveal medical identity theft has now claimed more than 1.8 million U.S. victims, granting hackers the ability to gain medical services, procure drugs and defraud private insurers and government benefit programs. Health care organizations face the challenge of securing a significant amount of sensitive information stored on their networks, which combined with the value of a medical identity string makes them an attractive target for cyber-criminals.
  • Previous
    6 - Internet of Things Will Provide Fresh Breach Surfaces
    Next

    Internet of Things Will Provide Fresh Breach Surfaces

    The Internet of things (IoT) is growing rapidly, offering a wide range of benefits for businesses looking to review data and optimize performance. More devices are being created with Wi-Fi capabilities and sensors that create the opportunity for everyday items—such as car keys, alarm systems or wearable devices—to relay information over the Internet and communicate with each other. As more companies adopt interconnected systems and products, cyber-attacks will likely increase via data accessed from third-party vendors. Businesses looking to take advantage of data available from the IoT need to emphasize risk management and security with third-party vendors that provide or have access to the same information.
  • Previous
    7 - Business Leaders Will Face Increased Scrutiny
    Next

    Business Leaders Will Face Increased Scrutiny

    Where previously IT departments were responsible for explaining security incidents, cyber-attacks have expanded from a tech problem to a corporatewide issue. With this shift, business leaders are being held directly accountable for data breaches. As we saw with some of the mega breaches in 2014, there is significant pressure for management teams to brush up on their knowledge on data breach preparedness or face the threat of being ousted from the company. Looking ahead, senior executives will be expected to have a better understanding of the data breach response plan, comprehension of new technologies and security protocols in the workplace and have a clearly defined chain of response should a breach occur.
  • Previous
    8 - Employees Will Be Companies' Biggest Threat
    Next

    Employees Will Be Companies' Biggest Threat

    Although there is heightened sensitivity for cyber-attacks among business leaders, a majority of companies will miss the mark on the largest data breach threat: employees. Between human error and malicious insiders, time has shown us the majority of data breaches originate inside company walls. In fact, approximately 80 percent of breaches serviced by Experian in 2014 were the result of employee negligence. In 2015, people-based breaches will continue to be the leading cause of compromises but will receive the least attention. Organizations that implement regular security training with employees and a culture of security committed to safeguarding data will be better positioned for success.
  • Previous
    9 - Data Breach Fatigue Will Grow Among Consumers
    Next

    Data Breach Fatigue Will Grow Among Consumers

    A growing number of consumers are becoming more apathetic and are taking less action to personally protect themselves. This sentiment, called "data breach fatigue," is likely to continue because the rate of reported data breaches is not expected to slow any time soon. To confront data breach fatigue, companies need to avoid treating the notification process as a compliance issue and conduct sincere communication with customers. Notification letters should include an apology and a clear explanation of what happened, why it happened and what consumers can do to protect themselves from fraud. This includes recommending that they check their credit reports and monitor financial or health records to identify any fraudulent activity.
  • Previous
    10 - Expect a Boom in State-Level Regulatory Action
    Next

    Expect a Boom in State-Level Regulatory Action

    In the absence of federal regulatory action for standardized data breach notification requirements, states may experiment with data breach laws in the coming year, from adjusting timing and content of notification, to defining personal data, and requirements to alert media and regulators. Unfortunately, for companies with customers in multiple states, there is no one-size-fits-all approach to notification that meets each standard. Currently, U.S. businesses face a patchwork of data breach laws across 47 states, along with the District of Columbia and Puerto Rico.
  • Previous
    11 - A Look Back at 2014 Predictions
    Next

    A Look Back at 2014 Predictions

    Experian's Data Breach Resolution group released its first annual industry forecast report last year. While it accurately predicted an increase in health care breaches and a surge in adoption for cyber-insurance (which increased by 150 percent in 2014), they weren't expecting the cost of a breach to rise. With the average data breach costing organizations $3.5 million, the financial impact of data breaches actually increased this year. Go here for the 2014 predictions.
 

An alarming number of widely publicized data breaches is sparking change in the attitudes of business leaders and consumers when it comes to cyber-security. Consumers and regulators alike are demanding more communication and remedies from businesses after data breaches occur. As a result, the topic is one of the highest priorities facing businesses and regulators in 2015. To help enterprises understand the implications of the latest industry changes and to navigate the road ahead, Experian Data Breach Resolution has published its second annual data breach industry forecast report. Experian examines the outlook for attacks affecting different markets, from health care to retail, and technologies (such as the cloud and the Internet of things (IoT), as well as breaches caused by employees and third parties. This slide show, put together with eWEEK reporting and information from the forecast, offers a list of data breach industry predictions for 2015 and some advice on how to deal with the shifting security landscape.

 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel