90% of Data Breaches Are Avoidable
Nine of every ten data breaches in 2015 could have been “easily prevented,” according to a study by The Online Trust Association.
Nine of every ten data breaches that occurred in the first eight months of 2015 were “easily avoidable,” underscoring the need for private sector investment in tools and processes to thwart cyber criminals. That, according to a study released by the Online Trust Association (OTA) January 2016.
Ninety one percent of data breaches that occurred from January to August of 2015 could have easily been prevented using simple and well-established security practices, such as applying software patches to a server, encrypting data or ensuring employees do not lose their laptops, said OTA, which analyzed over 1,000 breaches involving the loss of personally identifiable information (PII) in 2015.
Hacks accounted for a minority of those incidents: 34 percent. In contrast: 30 percent was caused by employees who leaked data accidentally, or maliciously.
The OTA released guidelines for businesses to follow and called on the private sector to do a better job assessing what data it must retain for business purposes and then applying strict security to that data.
“Organizations need to regularly review how they store, manage and secure their data. A plan needs to include prevention, detection, notification, remediation and recovery processes and operations,” the group said.
The Online Trust Alliance (OTA) is a non-profit, industry group created to “enhance online trust” by raising awareness of security and privacy issues affecting businesses and consumers. Its members include leading technology firms, retailers and others, including Microsoft, Twitter, The Gap, Verisign, Symantec and others.
Businesses and other organizations are too quick to collect customer and user data and too slow to protect it, the group has argued. That makes them attractive targets for hackers.
In recent months, the group has championed guidelines for holiday season shoppers buying connected gifts. It has also issued a guide for would be homebuyers to assess the security of connected or “smart” home features prior to purchase.
Security Ledger: http://bit.ly/1Twv5Yl