Current state of data breaches, hacking: Cybersecurity concerns

Major data breaches are in the news all the time, and you know how important cybersecurity is to your organization. Protecting customer and employee info is a priority for every company, but new research on breaches this year could affect your cybersecurity profile going into 2019.

According to Healthcare IT News, data breaches may be down slightly since 2017, but high-level breaches are on the rise. These “mega-breaches” occur across all industries, especially health care, banking and other areas where private info is at a premium.

So far in 2018, there have been 3,676 publicly disclosed data breaches exposing 3.6 billion records at various companies. Mega-breaches, which are breaches that expose at least 100 million records, accounted for 84% of the 3.6 billion records exposed.

As expected, hacking remains the most common cause of data breaches.

Data breach trends

Although data breaches are slightly down from 2017, overall they’re still a significant problem.

“The overall trend continues to be more breaches and more ‘mega breaches’ impacting tens of millions, if not hundreds of millions, of records at once,” said Inga Goddijn, executive vice president for Risk Based Security, which conducted a recent study of 2018 data breaches.

Other problems include ransomware threats, such as SamSam, and other malware campaigns.

Cleaning up after one of these attacks can cost millions, and info often still ends up exposed.

Cybersecurity improvements

While most companies are improving cybersecurity quickly, hackers also continue to improve and discover new ways to take advantage of vulnerable facilities.

Smaller companies are usually less secure than large organizations, but no matter the size, cybersecurity protocols must be followed consistently.

When considering your company’s cybersecurity policies and measures, you might want to hire a third-party cybersecurity expert to take a look at your systems and find any holes that could be fixed. Obviously IT is your forte, but allowing objective observers in may help patch harder-to-find issues.

If you’re not already doing so, hold training sessions for staff on proper security measures. Make sure employees aren’t sharing passwords, and consider implementing a monthly or quarterly password change requirement to keep data safe.

You can also host mock phishing drills to expose employees to common hacking techniques and remind them to never give out private information unless they’re sure who’s asking for it.