More than 175 million records were compromised between April and June due to 237 data breaches, bringing the 2014 total to 375 million records affected and 559 data breaches. That’s a lot of records illegally accessed for less than 1,000 breaches worldwide. What this tells me is that even SMBs store a lot more records than they may realize, and a single data breach can result in a huge payoff for a hacker.
These numbers are from SafeNet’s Breach Level Index second quarter report. The report found that retail was the hardest hit industry, with more than 145 million records stolen, or 83 percent of all data records breached, according to a release.
Here is an important finding in the report: Less than 1 percent of all of the data breaches in the second quarter happened to networks that used encryption or strong security platforms to protect the data. So, no, not every security system is foolproof, but you greatly improve your chances of avoiding a breach if you put strong security practices in place. At the same time, it is a little scary to think how many businesses are still lacking when it comes to network security. Good security is vital to any company’s success, and a second report from SafeNet shows why. Once a customer discovers a company has been breached, he or she is not likely returning. As Yahoo Finance reported:
The global research surveyed over 4,500 adults across five of the world's largest economies – US, UK, Germany, Japan, and Australia. It found that nearly two-thirds (65 percent) of respondents would never or were very unlikely to, shop or do business again with a company that had experienced a data breach where financial data (credit card information, bank account number, or associated login details) was stolen.
In its conclusion, the SafeNet report ponders why companies aren’t stepping up to the security challenge and doing more to protect their customers. It’s a good question, one I’ve certainly asked here and one that security experts often discuss. The report also makes a very good observation:
While many companies focus on the perimeter to keep the bad guys out, they often do not have a comprehensive plan to limit the damage once they get in.
SafeNet adds that there’s an easy fix here: Add stronger encryption and improve user access to the network. Based on the results of who gets breached and who doesn’t because of strong encryption, that’s pretty good advice. But I don’t think it is an easy fix.
First you have to get everyone in the company, from leadership on down to the stock room, on board with the need to practice better security. Perhaps the way to approach this is to make them understand that their jobs are on the line. After all, if customers walk away because your company suffered a breach, would your business be able to survive?
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba