What Key Data Breach Trends Portend for Enterprise Security in 2016

 
 
By Chris Preimesberger  |  Posted 2016-01-05
 
 
 
 
 
 
 
 
 
  • Previous
    1 - What Key Data Breach Trends Portend for Enterprise Security in 2016
    Next

    What Key Data Breach Trends Portend for Enterprise Security in 2016

    A new report from Experian examines expected security trends for 2016 and evaluates how the company's previous predictions panned out.
  • Previous
    2 - Impact of EMV Chip-and-PIN Regulations
    Next

    Impact of EMV Chip-and-PIN Regulations

    Although Oct. 1, 2015, marked the official liability-shift date for U.S. vendors to adopt EMV chip-and-PIN compatible payment terminals, many organizations still have not adopted the technology. In fact, a survey released last fall by The Hartford found that 86 percent of small businesses had not yet invested in equipment to accept chip-and-PIN cards. This marks businesses as an easy target for cyber-thieves, particularly small vendors such as gas stations and other more distributed networks that are now more susceptible to an attack. For others that are still rushing to adopt the chip-and-pin technology, new opportunities may surface for attackers to exploit the fact that inevitably errors will exist in making the transition.
  • Previous
    3 - Health Care Companies Hit the Hardest
    Next

    Health Care Companies Hit the Hardest

    Health care companies will remain a top victim of data breaches in 2016, with incidents likely to increase in frequency and severity. In the coming year, sophisticated attackers may focus on insurers and large hospital networks with an opportunity for the biggest payoff. However, the other area that will remain largely under-reported is the growing number of incidents involving paper records and lost laptops. These incidents are often due to employees mishandling paper records or losing physical back-up of information.
  • Previous
    4 - Nation-State Attacks Leave Collateral Damage
    Next

    Nation-State Attacks Leave Collateral Damage

    In 2016, the covers are going to be blown off international cyber-warfare that's existed in the background and hasn't yet come to the forefront. According to research from The Wall Street Journal, more than 60 countries have or are developing tools for computer espionage and attacks, and 29 countries now have formal military or intelligence units dedicated to cyber efforts. As nation-states continue to move their conflicts and espionage efforts to the digital world, we are likely to see more incidents aimed at stealing corporate and government secrets that may expose personal records in the process. As with the U.S. Office of Personnel Management breach in 2015, while the goal of an attack may be to find specific background information, in the process everyday citizens' personal data will be left as collateral damage.
  • Previous
    5 - U.S. Presidential Campaigns Will Be Attractive Hacking Targets
    Next

    U.S. Presidential Campaigns Will Be Attractive Hacking Targets

    With the 2016 elections, it is likely that one of the presidential candidates, their campaign and/or major donor base is going to be targeted. As with any major activity or event, leaders involved must prepare for a data breach. In this case, political organizations and campaigns should ensure that they are securing their systems and have incident-response plans in place.
  • Previous
    6 - Hacktivism Will Make a Comeback
    Next

    Hacktivism Will Make a Comeback

    In 2016, we'll see a resurgence in hacktivist activities, which are motivated by causing reputational damage to a company or cause, rather than financial gain. Any organization or group with a polarizing or controversial standing should be prepared for the possibility of an attack for the purpose of harm to the organization. These types of incidents can often cause significantly more damage to individuals and are harder to resolve for businesses. It is important that organizations prepare to respond to this type of incident and rethink their data breach response plans to ensure all scenarios are accounted for—including extortion.
  • Previous
    7 - More Corporate Extortion Will Happen
    Next

    More Corporate Extortion Will Happen

    As the value of payment records decreases on the black market, more hackers will likely look to access data for extortion purposes or other scams in 2016. Examples of cyber-extortion—including the attacks on Sony and Ashley Madison over the past two years—may be a preview of what's to come. Moving forward, businesses are apt to take into account the potential of extortion in their data breach preparedness planning, including having cyber-insurance policies in place that incorporate protocols for how to negotiate with cyber-criminals.
  • Previous
    8 - Expect More Enforcement Action From Regulators
    Next

    Expect More Enforcement Action From Regulators

    While the last several months saw increased scrutiny from regulators on what steps are being taken by companies to protect customer and employee data, in 2016 companies can expect more direct enforcement actions from agencies. The recent FTC vs. Wyndham Worldwide case is a clear indicator of movement in this area, as federal courts granted the FTC authority to require companies to securely store customer data and then punish them if they failed to do so.
  • Previous
    9 - Millennials Will Present an IT Security Threat for Employers
    Next

    Millennials Will Present an IT Security Threat for Employers

    Millennials arguably are known for their frequent use of social networking sites and mobile devices as a key part of their daily lives—including electronic sharing of information from the workplace. This presents an IT security risk in the workplace that companies need to take into account in the coming years. Organizations should address this risk by ensuring that employees receive regular security training and are familiar with what information should not be shared outside company walls.
  • Previous
    10 - More Companies Will Hone Data Breach Response Plans
    Next

    More Companies Will Hone Data Breach Response Plans

    Although research shows more companies (81 percent) have a data breach response plan in place, executives still lack confidence in their ability to respond to an incident. According to a recent report from the Ponemon Institute, only 34 percent of executives say their organizations' data breach response plan is effective overall. With this in mind, more companies are likely to take the time to audit and practice their data breach response plans in the coming year.
  • Previous
    11 - A Look Back at 2015 Predictions
    Next

    A Look Back at 2015 Predictions

    No company is immune from hacks, whether from the inside or the outside. Even Experian itself was hit in 2015. As part of its annual forecast, Experian Data Breach Resolution also took the time to grade last year's predictions. A few of the predictions made top marks, including a continued increase in health care breaches and more business leaders being scrutinized for data breach preparedness. However, Experian was surprised to find that cloud computing avoided the spotlight in terms of major security incidents. Go here to see last year's 2015 predictions.
 

As we return to our routines at the outset of the new year, it's a good time to reflect on the past year in enterprise security, to see if we've learned anything and to take a look at what lies ahead. The last 12 months saw a continued wave of data breaches, with both the nature of incidents and motivation of cyber-criminals continuing to evolve. Nearly half of organizations reported having dealt with a data breach involving the loss or theft of more than 1,000 records containing sensitive or confidential information in the past two years. While more companies have taken the basic step of creating a data breach response plan, they need to examine emerging threats and update their plans accordingly. Experian's Data Breach Industry Forecast report, now in its third year, explores expected new trends and evaluates how previous the information service provider's predictions panned out. In this slide show, eWEEK examines findings from the report, which outlines several predictions for 2016.

 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel