Data Breaches: What Do the Numbers Mean?

Risk Based Security came out with their annual data breach report this past week. Overall, 2018 brought the second-highest number of reported data breaches of any year on record.

“It’s been an unusual year for breach activity,” commented Inga Goddijn, executive vice president of Risk Based Security. “We’ve been monitoring breach events for more than a dozen years now and this is the first time we’ve observed a slow start to the year following by a growing number of disclosures as the months pass. We suspect various factors including the allure of crypto mining had an impact on breach activity early in the year, but disclosures rebounded throughout the summer and into the last quarter.”

The full report is available by visiting their website here.

Goddijn said of the work, “we were curious to see if the General Data Protection Regulation (GDPR) would have a discernible impact on how long it takes for an organization to go public with a breach report.” Curiously, the average number of days between discovery and disclosure has been approximately 49 days for the past two years. Goddijn commented, “From 2014 until 2017, the average number of days had been declining. We assumed awareness of GDPR reporting requirements would put pressure on organizations to continue to close the gap. So it was surprising to see 2018 end at an average of 49.6 days, slightly above 2017’s average of 48.6 days.”

Here are a few of the highlights:   

  • 2018 came in as the second most active year for publicly disclosed breaches, missing 2017’s high mark by only 3.2%.
  • 6,515 breaches were reported through December 31, 2018, exposing approximately 5 billion
  • Compared to 2017, the number of reported breaches was down 3.2% and the number of exposed records was (Read more...)

*** This is a Security Bloggers Network syndicated blog from Lohrmann on Cybersecurity authored by Lohrmann on Cybersecurity. Read the original post at: