Although it has been a widely held belief among companies that insiders are responsible for most data breaches, a new study released June 11 claims 73 percent of breaches result from external sources versus 18 percent from insider threats.
Skewering some basic corporate security tenets, the study by Verizon Business also contends nearly 9 in 10 data breaches could have been prevented with reasonable security measures in place. The study covered four years and more than 500 investigations involving 230 million records.
Moreover, the study claims, most breaches resulted from a combination of events rather than a single action with 62 percent attributed to “significant internal errors” that either directly or indirectly contributed to a breach. For breaches that were deliberate, 59 percent were the result of hacking and intrusions.
“Security breaches and the compromise of sensitive information are very real and growing concerns for organizations worldwide,” Peter Tippett, vice president of research and intelligence for Verizon Business Security Solutions, said in a statement. “This report can help companies better understand data breaches — how they occur and the commonalities that exist.”
Most importantly, Tippett said, corporations must be “proactive in their approach to security — the absolute key to safeguarding data.”
The study also said 9 of 10 breaches involved some type of “unknown,” including systems, data, network connections and account user privileges. In addition, 75 percent of the breaches studied were discovered not by the victim company but by a third party.
“This report clearly shows it’s not about clever or complex security protection measures,” Tippett said. “It really boils down to doing the basics from planning to implementation to monitoring of the data.”
That begins, the report notes, with keeping track of corporate data.
“In the modern organization, data is everywhere and keeping track of it is an extremely complex challenge,” the report states. “The fundamental principle, however, is quite simple — if you don’t know where data is, you certainly can’t protect it.”
Among the chief recommendations of the study is to align process with policy, claiming that in 59 percent of data breaches, the company had security policies and procedures in place but not implemented. An even more striking finding of the study was that in 82 percent of the breaches, evidence was available to the organization prior to actual compromise.
The study also found a significant increase in the number and type of international data attacks, particularly from China and Vietnam. Those attacks often involved application exploits that led to a data breach. Attacks from the Middle East, on the other hand, often involved site defacements. IP addresses from Eastern Europe and Russia are commonly associated with the compromise of point-of-sale systems.
“As the world becomes more interconnected through information technologies, as enterprises aggressively seek global partnerships and as the laws governing the handling and disclosure of such incidents mature, it is likely that this upward trend of international data breaches will continue,” the study concluded.