You’ve heard it before: the proof is in the numbers. In the case of data security breaches, this couldn’t be truer. Plenty of industry statistics highlight the prevalence of data breaches as well as their significant impact on an enterprise’s bottom line.
Here is a list of recent statistics around data security breaches — some of which may surprise you.
You’ve heard it before: the proof is in the numbers.
Getty Images/iStockphoto1. In The First Six Months Of 2019, 3,800 Data Breaches Occurred
Consider this in the scope of the last four years. Between 2015 and 2018, the number of data breach incidents increased by less than 200 year-over-year. Compared to the same time last year, there has been a 54% increase in incidents in the first half of this year.
While this spike can be attributed to a variety of factors, the shift from on-premise to hybrid and cloud environments certainly plays a role. Customers tend to lean on cloud service providers (CSPs) for more security controls than the Shared Responsibility Model dictates, which can be the catalyst for cloud misconfigurations and unauthorized access (more on that a little later in the blog post).
2. On Average, It Takes 279 Days To Identify And Contain A Breach
Dark space is the enemy of any security operations team. Cyber attackers will leverage visibility gaps to make their way through a security environment without notice—and they’re often able to do so for an extended period, as this statistic suggests. This causes more records to be lost, with each lost record costing businesses an average of $150. (On average, 25,575 records are stolen in a data security breach.)
It’s no secret that visibility tends to become more difficult with hybrid and cloud environments. Log or agent-centric tools don’t provide the continuous visibility needed to oversee all of the relevant workloads and cloud accounts. Once businesses can observe all of the conversations in their security environment, they need to have the right tools available to detect threats in real time, as well as intuitive workflows to resolve issues.
3. 36% Of Error-Related Breaches Involved Misconfigurations On Databases
A cloud misconfiguration is essentially a hole in the infrastructure. Whether it’s a failure to implement proper access control or, more specifically, an AWS S3 cloud storage bucket that’s left unsecured, the result is an opening that invites potential security threats.
Take it from the global delivery services leader FedEx. The company discovered that an AWS S3 bucket with 119,000 scanned documents (which included passports and driver licenses) was left open to the public without a password, seemingly for several years in a row. This was an inherited server from Bongo International, a business that FedEx acquired in 2014.
This brings us back to the topic of cloud visibility. While companies need to have a comprehensive overview of their own security infrastructure, they also need to account for how integrating two networks in a merger and acquisition will impact their posture—or else their vulnerabilities become shared vulnerabilities.
Learn about one key method for ensuring cloud visibility and security in the free ebook, “Network Detection and Response: Cloud Security’s Missing Link.”
