Data Breach Incidents up 16% From 2021, New Study Finds
As the U.S. economy continues to deal with record-setting inflation that has been caused in part by the onset of the worldwide COVID-19 pandemic, as well as other various mitigating factors, the realm of cybersecurity has proven to be no different. To this point, ForgeRock, a multinational identity and access management software company that is based in San Francisco, California, has released a report showing the average cost of managing a data breach incident in the U.S. has increased by 16% during the past year. Moreover, this increase has subsequently made the U.S. the most expensive place in the world to recover from a security breach incident.
ForgeRock Consumer Identity Breach Report 2022
In ForgeRock’s Consumer Identity Breach Report 2022, a case study detailing the occurrence of data breaches that have taken place around the world during the first six months of 2022, consumers are provided with a wide variety of information concerning data breaches, statistics pertaining to these breaches, and the role of a nation’s government in reducing the number of data breaches that occur, among a host of other pertinent information. This information is categorized according to different countries, including but not limited to the U.S., Singapore, Germany, and Australia.
With all of this being said, one of the key points that the study raised regarding data breach incidents that have taken place within the U.S. is that the average costs associated with such breaches have risen by 16% in the past year and a half, as the average for 2020 was $8.2 million, while the current number is $9.5 million. On top of this, the study also found that the number of data breaches that occurred in relation to third parties or supply chain issues has risen by 297% since 2020, as nearly 500 data breaches occurred in relation to these issues in 2021 when compared to 126 during 2020. Furthermore, these data breaches alone constituted 25% of all breaches that occurred in the U.S. during 2021.
Irrespective of the U.S. industry in which a data breach occurred, as well as the specific forms of personally identifiable information that were disclosed as a result of a breach, the study conducted by ForgeRock, found that 50% of data breaches that occurred in the U.S. during the past four years were caused due to the unauthorized access of files or data. Cybercriminals around the globe access personal data that is confidential using a number of different methods and means, including ransomware, web application attacks, compromised accounts, and point of sale intrusions, as well as many others. In many instances, individuals that have their personal data accessed without their knowledge will struggle to recover this information, leading to adverse consequences for said individuals.
ForgeRock’s Best Practices
While the case study that ForgeRock conducted in regard to data breach incidents that have taken place around the world during the past few years contains many alarming facts and statistics, the study also sets forth two specific best practices that businesses and organizations can implement in order to prevent the occurrence of security breach incidents. Firstly, the study advises that businesses and organizations prevent the infiltration of their files and data by leveraging cutting-edge technology programs that utilize machine learning algorithms and artificial intelligence, as well as advanced pattern recognition and behavioral analytics, as preventive measures will often be the most effective way at combating a particular problem or issue in general.
To illustrate this point further, a healthcare organization that is looking to protect the numerous forms of personal information they collect concerning their patients could look to an automatic redaction software program. As these software programs use AI and machine learning algorithms to automatically redact personal data such as names, addresses, telephone numbers, and financial account information, a medical facility could use these programs to ensure that the information they have collected from their respective patients remains secure from unauthorized access or disclosure. What’s more, as these software programs enable users to redact information across a wide range of mediums, including PDFs, emails, audio and video files, and images, business professionals can have the peace of mind that they will be able to protect personal data across all file types, be they physical or electronic.
On the other hand, the second best practice that ForgeRock advises businesses to implement in an effort to curtail data breaches is to prevent the exfiltration of their information and data. As the overwhelming majority of personal information that a particular organization or business collects will be done so by the employees of such entities, assuring that these employees are doing everything they can to protect the data they collect is of the utmost importance. For example, simply opening a suspicious email is enough to trigger a data breach, while an action as simple as failing to log out of a work computer can create a scenario where a cybercriminal can easily pilfer the details contained within the machine. Likewise, businesses can also create data privacy policies and procedures that their employees can follow when handling the personal information of customers in-house.
As online communications and interactions across the globe continue to increase, instances, where cyber criminals attempt to steal the information and data that are involved in these communications and interactions, will also continue to increase. As such, businesses and individuals alike will have to take additional precautions to try and safeguard their personal information, as the unauthorized disclosure of this information represents an unfavorable situation for all parties involved, particularly as even more work becomes remote during the current COVID-19 pandemic. To this end, ForgeRock’s Consumer Identity Breach Report 2022 undoubtedly provides organizations with a great place to start with respect to reducing the occurrences of data breaches.