Canada has experienced its share of high profile data breaches in the past year, with much of the attention focused on storage devices gone missing from government departments. While protection against hacking attacks and malware planted by cyber criminals dominates many security concerns, it is actually mistakes made by people and systems that cause the majority of data breaches.0
Canada has experienced its share of high profile data breaches in the past year, with much of the attention focused on storage devices gone missing from government departments. While protection against hacking attacks and malware planted by cyber criminals dominates many security concerns, it is actually mistakes made by people and systems that cause the majority of data breaches.
According to Symantec’s 2013 Cost of a Data Breach study, negligence and system glitches together accounted for 64 per cent of data breaches last year. These can include employees mishandling information, violations of industry and government regulations, inadvertent data dumps, stolen laptops, and wrongful access.
Insiders greatly contribute to data breaches. In fact, in the eight years since Symantec started tracking data breach costs with the Ponemon Institute, the insider threat leading to data breach has increased 22 per cent. What’s even more concerning is these trusted insiders likely don’t know they’re doing something wrong.
In related research, Symantec found that 62 per cent of employees think it is acceptable to transfer corporate data outside the company on personal devices and cloud services. And the majority never delete the data, leaving it vulnerable to data leaks.
These breaches caused by human error are significant. Globally, the average cost per lost record was of $117, meaning the mistakes made by trusted employees are costing enterprises a lot of money. While the cost of a data breach can vary widely depending on the types of threats and the data protection laws in place, the financial consequences are serious worldwide.
But this year’s report is not all bad news – in the United States for example, the total cost per data breach was down slightly at $5.4 million. This suggests that organizations there have made improvements in how they plan for and respond to data breach incidents. Certain factors can help organizations reduce the cost of a data breach such as having a strong security posture and an incident response plan, and appointing a CISO.
“While Canadians weren’t included in the survey, the majority of the US organizations surveyed have a presence in Canada so the results for Canada are likely very similar,” said Larry Ponemon, Chairman and Founder, Ponemon Institute. “From previous Ponemon studies, we’ve seen that generally speaking, Canadians are better at protecting their information than Americans. They value privacy more.”
So what would a data breach cost your company? You can calculate an estimate of it yourself at www.databreachcalculator.com.
Symantec recommends the following best practices to prevent a data breach and reduce costs in the event of one:
1. Educate employees and train them on how to handle confidential information.
2. Use data loss prevention technology to find sensitive data and protect it from leaving your organization.
3. Deploy encryption and strong authentication solutions.
4. Prepare an incident response plan including proper steps for customer notification.0