90% of Data Breaches Are Avoidable

Uploaded on 2016-02-02 in FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Resilience

Nine of every ten data breaches in 2015 could have been “easily prevented,” according to a study by The Online Trust Association.

Nine of every ten data breaches that occurred in the first eight months of 2015 were “easily avoidable,” underscoring the need for private sector investment in tools and processes to thwart cyber criminals. That, according to a study released by the Online Trust Association (OTA) January 2016.

Ninety one percent of data breaches that occurred from January to August of 2015 could have easily been prevented using simple and well-established security practices, such as applying software patches to a server, encrypting data or ensuring employees do not lose their laptops, said OTA, which analyzed over 1,000 breaches involving the loss of personally identifiable information (PII) in 2015.

Hacks accounted for a minority of those incidents: 34 percent. In contrast: 30 percent was caused by employees who leaked data accidentally, or maliciously.

The OTA released guidelines for businesses to follow and called on the private sector to do a better job assessing what data it must retain for business purposes and then applying strict security to that data.

“Organizations need to regularly review how they store, manage and secure their data. A plan needs to include prevention, detection, notification, remediation and recovery processes and operations,” the group said.

The Online Trust Alliance (OTA) is a non-profit, industry group created to “enhance online trust” by raising awareness of security and privacy issues affecting businesses and consumers. Its members include leading technology firms, retailers and others, including Microsoft, Twitter, The Gap, Verisign, Symantec and others.

Businesses and other organizations are too quick to collect customer and user data and too slow to protect it, the group has argued. That makes them attractive targets for hackers.
In recent months, the group has championed guidelines for holiday season shoppers buying connected gifts. It has also issued a guide for would be homebuyers to assess the security of connected or “smart” home features prior to purchase.

Security Ledger: http://bit.ly/1Twv5Yl

« Healthcare Data Is The Holy Grail for Cyber Thieves
After The OPM Hack Security Clearances Will Now Be Done By The Pentagon »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Radiant Logic

Radiant Logic

Radiant Logic is a market-leading provider of federated identity solutions based on virtualization, and delivers simple, logical, and standards-based access to all identities within an organization.

CDNetworks

CDNetworks

CDNetworks is a global content delivery network with a fully integrated cloud security solution, offering unparalleled speed, security and reliability for the almost instant delivery of web content.

IS Decisions

IS Decisions

IS Decisions builds affordable and easy-to-use Access Management software solutions, allowing IT teams to effectively secure access to Active Directory infrastructures, SaaS apps and data within.

Fornetix

Fornetix

Fornetix is a cybersecurity platform enabling Zero Trust while delivering critical encryption automation, access controls, authorization services, machine identity, and ICAM solutions,

IGX Global

IGX Global

IGX Global is a provider of information network and security integration services and products.

Riscure

Riscure

Riscure is a global test lab and tools leader for device security. Core expertise in side channel analysis, fault injection and embedded device software.

Magix Security

Magix Security

Magix Security assesses the cyber threat, gives you visibility of how vulnerable your business is to attack, and provides cybercrime detection and prevention services.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Assertion

Assertion

Assertion secures your collaboration (UC/CC) systems from cyber risks. Enforcing the right set of controls and monitoring them continually brings down risk to acceptable levels.

Symantec

Symantec

Symantec delivers data-centric hybrid security for the largest, most complex organizations in the world – on devices, in private data centers, and in the cloud.

nsKnox

nsKnox

nsKnox is a fintech-security company, enabling corporations and banks to prevent fraud and ensure compliance in B2B Payments.

Ankura Consulting Group

Ankura Consulting Group

Ankura is a global expert services and advisory firm that delivers services and end-to-end solutions in a wide range of areas including cybersecurity and digital transformation.

Hub71

Hub71

Hub71 is a world-class tech ecosystem opening doors to global opportunities from an optimal business environment for entrepreneurial-minded innovators.

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

The NCTV serves the Netherlands’ national security. We protect national interests, identify threats and strengthen resilience.

Lintu Solutions

Lintu Solutions

Lintu Solutions is a trusted provider of comprehensive cybersecurity and enterprise risk management solutions.

SKADI Cyber Defense

SKADI Cyber Defense

At SKADI Cyber Defense, we specialize in enterprise-grade cybersecurity solutions tailored for small to medium businesses.