2018 may be consigned to the record books but the omnipresent specter of data security breaches is unlikely to diminish in the new year.
The last 12 months has been unremarkable in terms of ongoing cybersecurity threats, with data breaches and attacks happening on what appears to be a daily basis. According to a report by security expert McAfee, there are an average of 480 new threats every minute, a sobering statistic that merely confirms that cybercrime is now the expected norm in our digitally connected society.
And while 2018 was arguably neither better or worse than any of the previous years' cyberincidents, there were an increased number of major brands and household names that had to hold their hands up to a lack of data security.
Big names, big problems
Facebook, Marriott, Adidas, Macy's, British Airways, Under Armor and Dunkin' Donuts (to name but a few) all found themselves under the data breach spotlight, with hundreds of millions of people having their data exposed. Even NASA was not immune to a data security breach, CNET reported, after an internal memo told employees that personal data (including social security numbers) had been compromised.
Facebook's difficult year was encapsulated in the Cambridge Analytica scandal which saw the details of 87 million users accessed by a political consultancy. As an added bonus, the social media behemoth found that a function within the platform's code had allowed malicious actors to access around 50 million user accounts, an attack that required 90 million people to log out of their accounts while the vulnerability was patched.
By contrast, the Marriott data breach, for instance, revealed information relating to over 500 million guests, with the hotel chain admitting that unauthorized access to its guest database had been going on since 2014.
According to Verizon's 2018 Data Breach Investigations Report, there were over 53,000 security incidents reported in the last 12 months, with 2,216 data breaches spread over 65 countries. Around 73 percent of breaches were financially motivated, Verizon said, thanks to an increase in the number of identified ransomware attacks. Somewhat disturbingly, 68 percent of confirmed breaches took months to discover, the report noted.
"The time it takes cybercriminals to compromise a system is often just a matter of minutes – or even seconds," said the authors of the report. "They don't need much time to extract valuable data – they usually have much more than they need as it typically takes organizations weeks or months to discover a breach. In many cases, it's not even the organization itself that spots the breach – it's often a third party, like law enforcement or a partner. Worst of all, many breaches are spotted by customers."
IT modernization can patch holes
The problem for IT administrators and business leaders is that the average person is becoming almost blasé to the possibility of a data breach. Most people don't really have the option of keeping their data secure, rather they put their trust in the companies and enterprises that require this data to transact and engage. Data has become a commodity and people have become used to providing this information on a regular basis.
For example, the sheer level of digitally-created data that is made available to, say, retailers, utilities, healthcare providers, online streaming services, hotel chains and financial institutions means that there are numerous avenues to exploit and attack. As recently as five years ago, the news that 100,000 people had been affected by a breach (that included usernames, passwords and perhaps contact details) would have been a cause for concern. Today, we just accept it as part and parcel of our embrace of technology.
"As customers grow more accustomed to breaches being revealed regularly, they tend to either accept them or ignore them," said McAfee's chief consumer evangelist Gary Davis, in an interview with USA Today. "With security fatigue, (consumers) just throw their hands up and say something bad is going to happen, so I should brace myself for it. Or they say, 'It's not going to happen to me, it will happen to somebody else.' "
Although data breaches are no longer isolated incidents, there is a consensus that they are not likely to slow down in the near future. A recent Gallup poll said that 1 in 4 Americans have already been victims of malicious online actors, with 71 percent of U.S. citizens worried about cybercrime and 67 percent about identity theft.
With that in mind, there is an onus on companies and enterprises to make certain that their existing or legacy IT infrastructure is robust enough to both prevent an attack and, importantly, protect both company and end user data. Agile IT modernization, for instance, is a significant step in combating the whims of cybercriminals, while simply keeping anti-virus software up-to-date can be a way to patch (as-yet) unidentified vulnerabilities or holes.
Inventu can help businesses of all sizes protect their data through secure application development tools. Our innovative Flynet Viewer, for example, makes screen integration easier and facilitates secure application development in a way that feels both familiar and simple. To find out how we can alleviate your data security concerns, contact us today.