It’s been a few weeks since Verizon released the 12th edition of its Data Breach Investigations Report (DBIR). For this publication, Verizon’s researchers studied 41,686 security incidents in which a response was necessary. These analysts found that 2,013 of those incidents were data breaches in that some sort of information was actually compromised.
Those interested in how data breaches occur should be familiar with the general topography of the Internet. In our previous piece, we discussed the difference between the surface web, deep web and dark web. Most estimates about the topography of the Internet conclude that the deep web makes up between 95%-99% of all web sites. The dark web likely comprises less than 1%, while the surface web accounts for only a few percentage points itself. Nearly the entire Internet is the deep web.
In May 2019, Verizon Enterprise released the 12th edition of its Data Breach Investigations Report (DBIR). Researchers analyzed a total of 41,686 security incidents, of which there were 2,013 data breaches, for the publication. More than half (52 percent) of those reported breaches involved some form of hacking. The report listed the most prominent hacking variety and vector combinations, with “vulnerability exploitation” making the top three.
When you hear about a data breach in the news, it’s usually related to a major company or social media network that has been targeted. The erroneous conclusion would be that the hackers only focus on exploiting security flaws in large organizations, but the opposite is true.
A data breach remains a common headline in the news cycle. A different company, website or social network reports a security issue almost daily. If it feels like using the internet has become a risky endeavor, the feeling is accurate. But what exactly classifies an event as a data breach? The world wide web is littered with different security gaps and vulnerabilities. But that doesn’t mean they have been exposed or attacked yet.
Cybersecurity is a continuous phenomenon. New countless threats emerge every day and cybersecurity analysts continually develop a fast, reliable, and sophisticated techniques to thwart these notorious threats in order to prevent financial loss and reputational damage. According to the Analysts, like the previous year (2018), 2019 will also witness the increase in data breaches.
With over 80 million players globally, Fortnite stands out as an undisputed champion when it comes to online gaming. Fortnite has been developed by Epic Games, an American game developer. However, it seems that the same cannot be said for Epic Games when it comes to security and protection of user data. Fortnite accounts for around 50% of Epic Games’ estimated value of $8.5 billion.
In mid-November last year, the retail giant Target experienced a security breach where customers’ credit card information was stolen. At first, it was thought that 40 million users had been affected but by January 2014, those numbers skyrocketed to a stunning 100 million. What emerged was the story of hackers who had appeared as “the good guys” in order to harvest as much information as they could from Target’s network.
A security breach is defined as any unauthorized access or acquisition that compromises the security, confidentiality, integrity or availability of covered information, systems, and applications. Recent years have seen significant amounts of legislative activity related to state data breach notification laws. South Dakota and Alabama enacted new data breach notification laws in 2019, becoming the last of 50 U.S. states to enact such laws.
The likelihood that your organization will suffer a material data breach in the next 2 years is nearly 28%, and that’s higher than last year’s risk according to The Ponemon Institute’s 2018 Cost of a Data Breach Study: Global Overview. Counsel’s best strategy is to insist on a strong organizational plan to quickly and effectively respond to data breaches and, ultimately, prevent them in the future.
