Despite an astonishing rise in lost or stolen data records, European organisations have become much more secure, according to Gemalto’s Breach Level Index.
Europe accounted for only 49 (of 918) breaches in the first half of 2017, down 35% from the previous six months. The UK had by far the most incidents (40), followed by the Netherlands and Malta (two each), and Austria, the Czech Republic, Italy, Lithuania and Norway (one each).
“Security breaches are unavoidable”
Across the rest of the world, the number of compromised data records has been spiralling out of control. In total, 1.9 billion records were lost or stolen as of the end of June 2017, compared to 1.37 billion in all of 2016. There were 743 million breached records in 2015 and 289 million in 2014.
Yet Europe only accounted for 29 million lost data records in H1 2017, which is just 1.5% of the global total. This statistic is arguably more surprising than the continent’s reduction in data breaches, because it shows that there has been a decrease in the number of lost or stolen records per breach. This is contrary to the global trend: the number of breached records has more than doubled over the past six months, but the number of breaches has only grown by 13% – from 815 to 921.
This is indicative of the rise in the frequency, scope and sophistication of cyber attacks. As Gemalto writes: “More and more organisations are accepting the fact that, despite their best efforts, security breaches are unavoidable.”
This doesn’t mean there is nothing organisations can do to mitigate the damage of data breaches. For example, preventing accidental loss is comparatively easy and would dramatically reduce the number of breached records. The Data Breach Index reports that accidental loss accounted for 166 incidents (18%) over the first half of 2017, but was the cause of 86% of all breached records.
Prevent accidental losses and other data breaches
Organisations can help mitigate the risk of accidental data loss by enrolling their staff on our Information Security Staff Awareness E-Learning Course.
This course will familiarise your employees with the basics of information security, including security threats via email, the Internet and the workplace. It will also introduce them to your policies on incident reporting and responses.
The subject matter isn’t technical, because the course is aimed at anyone who processes information and uses information technology or the Internet in their job.