2023 Sees Record Data Compromises Amidst Changing Tactics | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Last year saw a nearly 80% surge in data compromises compared to 2022, with 3,205 incidents recorded, according to a report from the Information Theft Resource Center (ITRC).

Despite the surge in breaches, the number of victims impacted saw a 16% decline from 2022, totaling 353,027,892 individuals.

This dip aligns with an ongoing trend in which cybercriminals are shifting their focus toward targeted identity fraud and scams rather than large-scale attacks, resulting in fewer overall victims.

The ITRC’s 2023 Annual Data Breach Report also shed light on significant shifts in cybersecurity threats, revealing a doubling in breach notices lacking specific attack details.

Just 54% of notices provided actionable information, down from nearly 100% in 2018, indicating a decline in transparency surrounding data breaches.

Security experts explained that, with the increasing trend toward opaque breach notices, organizations must enhance their transparency in disclosing data breaches.

Nick France, chief technology officer at Sectigo, said enhancing transparency in disclosing data breaches requires organizations to establish clear policies, provide timely notifications and engage in open communication with stakeholders.

“Education about cybersecurity is paramount, and collaborating with law enforcement and regulatory agencies is also essential,” he said. “Thorough investigations must be conducted to identify vulnerabilities and remediation measures should be implemented to prevent future breaches.”

Emphasizing accountability, conducting post-incident reviews and continuously improving response procedures are critical.

“By implementing these strategies, organizations can ensure that essential information, such as the attack vector, is consistently included in breach disclosures,” France explained. “This not only mitigates the impact on affected individuals but also maintains trust and credibility with stakeholders.”

Key findings from the ITRC report also underlined the widespread impact of cybersecurity threats across industries.

Nearly 11% of publicly traded companies fell victim to breaches, with 47% withholding attack information in their notices.

Healthcare, financial services, and transportation sectors experienced more than double the compromises compared to the previous year, with utility companies leading in victim numbers.

Publicly traded companies face specific challenges in maintaining cybersecurity resilience due to their high-profile nature and the scrutiny they face from shareholders, regulators and the public.

France explained these challenges include balancing cybersecurity investments with shareholder expectations, managing complex supply chain risks, vendor consolidation and addressing regulatory compliance requirements.

“Companies must prioritize cybersecurity as a board-level issue, invest in robust cybersecurity measures, enhance third-party risk management practices and foster a culture of cybersecurity awareness and accountability throughout the organization,” he said.

Collaboration with industry peers and leveraging emerging technologies can also bolster cybersecurity resilience for publicly traded companies.

The report also highlighted evolving attack vectors, with cyberattacks remaining the primary cause of breaches. While phishing and ransomware attacks saw a slight decline, zero-day exploits surged significantly, posing new challenges for cybersecurity professionals.

Supply chain attacks emerged as a growing concern, impacting a rising number of organizations and individuals. Since 2018, incidents have skyrocketed by over 2,600%, with victims increasing by 1,400%.

Claude Mandy, chief evangelist of data security at Symmetry Systems, said well-prepared organizations have already clearly determined thresholds for “materiality”—a key determination required under the new SEC reporting rules and predefined incident response plans.

“These well-rehearsed and tested plans foster collaboration between cybersecurity, legal, and communication teams to ensure a unified response strategy,” he said. “More importantly, organizations need to find ways to swiftly determine the potential impact of a breach, even from the compromise of a single account.”

They should look at ways to streamline their investigation and determine the potential materiality of an incident using technologies like data security posture management (DSPM) and data detection and response.

Mandy said they should also be actively and proactively trying to reduce the data at risk from compromises of actionable issues like dormant identities and dormant data and overprivileged accounts to ensure they reduce the frequency of events that trigger the materiality thresholds.

France noted organizations can strengthen their cybersecurity posture through proactive measures.

“This includes regularly updating software and systems, implementing robust access controls and encryption protocols, conducting regular security assessments, and providing comprehensive cybersecurity training for employees,” he said.

Additionally, establishing incident response plans, collaborating with industry peers and security experts, and staying informed about emerging threats can help mitigate the risk of falling victim to similar attacks in the future.

Recent Articles By Author


Click Here For The Original Source.

National Cyber Security