If one thing became clear in 2015, it was that no organization, regardless of its size or vertical, is safe from a data breach. A breach can happen to any organization at any time. Anthem, the IRS and Experian were some of the high profile organizations that were impacted by data breaches in 2015.
Here are some of the most pressing cybersecurity statistics to take into consideration as you plan for the new year:
1. Over 169 million personal records were exposed in 2015, stemming from 781 publicized breaches across the financial, business, education, government and healthcare sectors.
– “ITRC Data Breach Reports – 2015 Year-End Totals” | ITRC
– “Cost of Data Breach Study: Global Analysis” | IBM/ Ponemon
3. In 2015, there were 38 percent more security incidents detected than in 2014.
– “The Global State of Information Security Survey 2016” | PWC
4. In 2015, even fewer SMBs (29 percent) used standard tools like configuration and patching to prevent security breaches, compared with 39 percent who did so in 2014.
– “Cisco 2016 Annual Security Report” | Cisco
5. The median number of days that attackers stay dormant within a network before detection is over 200.
– “Microsoft Advanced Threat Analytics” | Microsoft
6. At least 52 percent of respondents felt that a successful cyberattack against their network would take place within the year.
– “2015 Cyberthreat Defense Report” | CyberEdge Group
7. As much as 70 percent of cyberattacks use a combination of phishing and hacking techniques and involve a secondary victim.
– “2015 Data Breach Investigations Report” | Verizon
8. 74 percent of CISOs are concerned about employees stealing sensitive company information.
– “SANS 2015 Survey on Insider Threats” | SpectorSoft
9. Only 38 percent of global organizations claim they are prepared to handle a sophisticated cyberattack.
– “2015 Global Cybersecurity Status Report” | ISACA International
10. The majority of data breach victims surveyed, 81 percent, report they had neither a system nor a managed security service in place to ensure they could self-detect data breaches, relying instead on notification from an external party. This was the case despite the fact that self-detected breaches take just 14.5 days to contain from their intrusion date, whereas breaches detected by an external party take an average of 154 days to contain.
– “2015 Trustwave Global Security Report” | Trustwave
To understand more about how you can automate the response to cyber attacks, watch our video.