According to a survey conducted by ThreatTrack Security, there may be considerably more data breaches occurring than the public hears about, especially at the enterprise level. A recent survey found that 57 percent of enterprise malware analysts have investigated or addressed a data breach that was never disclosed.
Verizon’s 2013 Data Breach Investigations Report counted 621 confirmed data breaches in 2012. The Identity Theft Resource Center, which only counts data breaches involving someone’s name plus a SSN, driver’s license number, medical record, payment card or financial record, tallied 470 data breaches in 2012 and 525 as of November 19, 2013. But according to the ThreatTrack Security blind survey of 200 security professionals working for US companies, the actual number of data breaches may be much higher. The most alarming statistic from this survey is that more than half of malware analysts have addressed security issues related to data breaches that a US organization did not disclose.
When security professionals were asked about the most difficult aspects of protecting their organization’s networks from malware and cyber-attacks 67 percent cited the complexity of malware, 67 percent mentioned the frequency of attacks, and 58 percent said the ineffectiveness of market solutions were crucial issues. Another issue among respondents was that too much time was spent addressing preventable malware infections infiltrating the devices of company executives. This included devices that were infected by clicking on links in a phishing email, allowing a family member to use a company-owned device and installing a mobile app that contains malware.
For more information:
Comments