90% of Data Breaches Are Avoidable

Uploaded on 2016-02-02 in FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Resilience

Nine of every ten data breaches in 2015 could have been “easily prevented,” according to a study by The Online Trust Association.

Nine of every ten data breaches that occurred in the first eight months of 2015 were “easily avoidable,” underscoring the need for private sector investment in tools and processes to thwart cyber criminals. That, according to a study released by the Online Trust Association (OTA) January 2016.

Ninety one percent of data breaches that occurred from January to August of 2015 could have easily been prevented using simple and well-established security practices, such as applying software patches to a server, encrypting data or ensuring employees do not lose their laptops, said OTA, which analyzed over 1,000 breaches involving the loss of personally identifiable information (PII) in 2015.

Hacks accounted for a minority of those incidents: 34 percent. In contrast: 30 percent was caused by employees who leaked data accidentally, or maliciously.

The OTA released guidelines for businesses to follow and called on the private sector to do a better job assessing what data it must retain for business purposes and then applying strict security to that data.

“Organizations need to regularly review how they store, manage and secure their data. A plan needs to include prevention, detection, notification, remediation and recovery processes and operations,” the group said.

The Online Trust Alliance (OTA) is a non-profit, industry group created to “enhance online trust” by raising awareness of security and privacy issues affecting businesses and consumers. Its members include leading technology firms, retailers and others, including Microsoft, Twitter, The Gap, Verisign, Symantec and others.

Businesses and other organizations are too quick to collect customer and user data and too slow to protect it, the group has argued. That makes them attractive targets for hackers.
In recent months, the group has championed guidelines for holiday season shoppers buying connected gifts. It has also issued a guide for would be homebuyers to assess the security of connected or “smart” home features prior to purchase.

Security Ledger: http://bit.ly/1Twv5Yl

« Healthcare Data Is The Holy Grail for Cyber Thieves
After The OPM Hack Security Clearances Will Now Be Done By The Pentagon »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

Tigerscheme

Tigerscheme

Tigerscheme is a certification scheme for information security specialists, backed by University standards and covering a wide range of expertise.

Zen360Consult

Zen360Consult

Zen360Consult provides Advisory and Training services in the field of Cyber Resilience, which includes Cyber Security /ISMS and Business Continuity.

Global EPIC

Global EPIC

Global EPIC is an international cybersecurity initiative designed to combat growing world challenges by facilitating global collaboration in the field of cyber security.

Elevate Security

Elevate Security

Elevate is the leading Security Behavior Platform, changing employee security habits while giving security teams unprecedented visibility.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

Salvador Technologies

Salvador Technologies

Salvador Technologies provides the world’s fastest technology to recover from cyber-attacks.

Hunton Andrews Kurth

Hunton Andrews Kurth

Hunton Andrews Kurth LLP serves clients across a broad range of complex transactional, litigation and regulatory matters. Practice areas include Privacy and Cybersecurity.

Talion

Talion

Talion aim to reduce the complexity involved in securing your organisation and to give security teams unrivalled visibility into their security operations, so they can make optimal decisions, fast.

Siege Technologies

Siege Technologies

Siege Technologies is a pioneer of multi-purpose cybersecurity products and services that enable customers to leverage both offensive and defensive technologies.

CyberCatch

CyberCatch

CyberCatch provides an innovative cybersecurity Software-as-a-Service (SaaS) platform designed for SMBs.

Invicti Security

Invicti Security

Invicti Security is an AppSec leader transforming the way web applications are secured.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.

Vantor

Vantor

Vantor is a Managed Security Services Provider (MSSP) that specializes in providing outsourced, managed cybersecurity services.