Although 2011 was first hailed the “Year of the Data Breach,” it appears that was only the beginning. Last year was truly an exceptional year for data breaches, with more data records lost and stolen than ever before. While cyber-espionage and threats to privacy grabbed the headlines, by the end of the year we were faced with the reality that cybercrime remains the most prevalent and a real security threat to businesses. Huge data heists on companies like Target, LivingSocial and AOL, impacted brand reputations, consumer trust and ultimately the bottom line.
In Symantec’s latest Internet Security Threat Report (ISTR), we found the number of data breaches grew 62 percent from 2012, translating to more than 552 million identities exposed last year – an increase of 368 percent. This was also the first year that the top eight data breaches each resulted in the loss of tens of millions of identities – making it the year of the “mega breach.” By comparison, only one data breach in 2012 reached that distinction.
Clearly, hackers are upgrading their tools and creating more sophisticated attacks, which means businesses must do the same when it comes to security. In today’s complex IT environment, cybersecurity is a business imperative, and successful security programs should assume that an incident is not a matter of if, but when.
Find out what your business should be doing after the year of the data breach – Symantec’s CIO, Sheila Jordan shares best practices for CIOs and CSOs to protect their organization’s information in Dark Reading.