Insiders, Mistakes, and Low-Tech Thefts Cause Most Data Breaches: Annual Data Breach Trends Report
May 10, 2016
Nearly every day there is a data security incident requiring a response from businesses and organizations. To help clients better understand what is behind these events and how to prevent them, Kroll annually issues a report based on an analysis of our clients’ data breach cases. The 2016 edition, Special Report: Annual Data Breach Trends, provides the latest findings along with our recommendations.
Key highlights from the report
Insiders cause almost three in four data breaches. Current and former employees along with related third parties accounted for almost 70 percent of data breaches.
Non-malicious mistakes lead to the majority of losses. Human errors — accidental exposure, lost devices, and other non-malicious forms of data loss — were at the root of 60 percent of cases.
Malicious breaches are often very low-tech. Hacking gets the headlines, but 58 percent of breaches considered malicious or non-accidental resulted from stolen data, such as from laptop thefts.
Paper records are still a big risk. In the age of digital hype, the threat of a breach via paper records was still surprisingly strong at 32 percent of data losses.
Tips for preventing data losses
Make no mistake: hacking and sophisticated cyber attacks are a real threat that requires specialized resources and expertise. The good news is that the current data breach trends demonstrate that many incidents are both preventable and manageable. Here are three tips to better protect your organization from a future data loss:
Go on a “data diet.” Review what type of data you’re storing and strongly consider going on a “data diet.” Collect only the data, particularly personal data, you absolutely need, then delete, reduce, and reevaluate the data you are holding on a regular basis.
Treat all PII like it’s your own. If you must store sensitive personally identifiable information (“PII”), understand and control how it is used, where it is stored, and who has access to it. Considering that many data breaches we see are due to lost or stolen laptops or paper records improperly disposed of, these are two areas where some immediate oversight can deliver long-term protection.
Train, train, train! Remember that nearly three out of four events we saw last year were attributable to insiders, and most of the time these were due to mistakes. It is human nature to forget protocols or get complacent about security; regular training for employees and related third parties will keep information security top of mind, along with your company’s policies, procedures, and expectations.
Conducting breach drills or tabletop exercises on a regular basis can confirm your organization’s readiness to deal with a crisis, or highlight gaps that need your attention. Part of this readiness will require having a detailed, step-by-step communication and notification action plan, as well as a strong relationship with specialized outside counsel to help guide a response.
Hear from an expert
In working with clients of all sizes and industries on their data breaches, our team sees firsthand the impact of such incidents and fully understands why protecting data is such a valuable investment. Consumers, clients, and individuals are more aware than ever about the nuances of data theft. That is why today, when a breach occurs and is confirmed, it is no longer enough for an organization to simply say: “The breach is contained.”
In this short video, Managing Director Brian Lapidus, leader of Kroll’s Identity Theft and Breach Notification practice, offers an overview of the impact of breaches, the threats that exist, and why it is so important for organizations to work diligently to protect the information in their care.