2016 Security Trends: What's Next for Data Breaches?

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next Next

Investment Info

Data breaches will increasingly be used to gain investment information.

Most data breaches have resulted in the loss of money or other financial instruments and identity details, such as account numbers, passwords, account balances and personal identity details. Few have involved the loss of material-confidential information that could give an investor an important edge in buying or selling stock or other investments. While this was an element in the massive breach of J.P. Morgan Chase — where insiders allegedly made off with more than $100 million — it has been fairly uncommon.

In 2015, two major newswire distribution services — plus a third smaller service — suffered a data breach. Typically public companies upload press releases detailing their upcoming earnings announcement or merger and acquisition announcements to such a newswire service in advance of their public announcement. An attacker could potentially get access to these files to make a substantial amount of money by acting on the information before it is made public. This actually happened, giving financial windfall to 30 or more individuals, including a hedge fund manager. At least two of the newswire services suffered attacks dating back five years, giving criminals access to over 150,000 press releases during that period. Because the services lacked the ability to effectively detect active network attackers, the criminals could carry out their schemes without fear of being seen.

Over the past year, there have been a number of disturbing developments with regards to data breaches. Not only have data breaches become more frequent, but their impact has become greater — not just in the sheer volume of information or assets stolen, but in the very nature of what hackers are targeting. The extremely sensitive data lost in the White House and Office of Personnel Management breaches are prime examples. Unfortunately, given the successful breaches of high-value targets in 2015, we can be sure that 2016 will only get worse.

With this horrifying direction and the gravity of what's at stake, it would be a fair expectation that most enterprises should be seriously looking at how their security needs to change. Obviously, traditional security is of little value when it comes to stopping a data breach. Intruders can easily elude preventative security — generally by compromising a single user device or account — and furtively conduct their business inside a network for months before being discovered.

A big part of the problem is that security organizations are still focused on preventative security — looking for a silver bullet that will keep an attacker out of their networks in the first place. Despite a Gartner recommendation that organizations shift security efforts toward the detection of network intruders and the emergence of promising new behavioral analytic tools and security strategies, well under 1 percent of enterprises have the ability to find a post-intrusion network attacker. Cyber criminals continue to have the potential for unimpeded, long-term success.

So how will attacks change in 2016? In this slideshow, David Thompson, Sr. Director of Product Management, LightCyber, has identified data breach trends we can expect to see in 2016.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

Security117-190x128.jpg 5 Steps to Protect Executives from a Whale-Phishing Attack

Whaling is a type of spearphishing targeting "big fish" in an organization with access to sensitive, highly-valuable information. ...  More >>

Security116-190x128.jpg 5 Common Failures Companies Make Regarding Data Breaches

Five common failures companies make when preparing for, and responding to, a data breach, as well as guidance for companies on how they can tackle these issues. ...  More >>

Security115-290x195 Data-Centric Approach Starves Data-Hungry Cybercriminals

Incorporating security capabilities such as encryption, better control and management and a data security framework will help alleviate the burden breaches place on the organization and people's lives. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.