Subscribe to the InfoTech eNewsletter

infoTECH Feature

April 29, 2014

SafeNet Breach Level Index Shows Surge in First Three Months of 2014

We all know the headlines about major data breaches. However, if that were not bad enough behind the headlines are the hard facts that as noted by the authors of the recently released Verizon 2014 Data Breach Investigations Report, “the bad guys are winning.”  More of those facts became disturbingly available with the release by security solutions provider SafeNet (News - Alert) of its SafeNet Breach Level Index (BLI) for the first quarter of 2014. It underscores just how bad things are and how fast the situation is escalating.

According to the SafeNet BLI—a complex algorithmic-based way of analyzing breach information to derive amongst several key data points a breach severity rating—more than 200 million records were stolen in the first quarter of 2014. This is the equivalent of roughly 93,000 records stolen every hour. That number is jaw-dropping by itself but the one that stands out is that this represents an increase of 233 percent over the same time last year.

If there is a silver lining in the BLI it is the confirmation of the adage that, “An ounce of prevention is worth a pound of cure.”  IT departments would be well-advised to inform their management that of the 254 data breaches that occurred during the quarter, only 1 percent were “secure breaches,” e.g., ones where strong encryption, key management, or authentication solutions protected the data from being used.   

A quarter to that is a call to action

Below are some of the key findings of the BLI, which provides details about hundreds of individual data breaches, which can be sorted by source, industry, risk level, and date:

  • More than 254 data breaches were publicized, representing 200 million lost or stolen data records. Because of the varying strictness of data breach reporting requirements around the globe, this quarterly data does not include organizations that didn’t disclose the amount of data records that were exposed.
  • South Korea took the top spot of all countries with four of the top five breaches worldwide and a loss of 158 million records across a variety of industries. While the number of South Korean breached records was extremely high, the number of breach incidents in Asia Pacific accounted for only 7 percent of the total number of global breaches, dwarfed by the 78 percent (199 incidents) that occurred in North America and 13 percent in Europe.

In addition:

  • Not surprisingly, the financial industry was hit hardest, accounting for 56 percent of all data records lost or stolen.  However, it represented only 14 percent of total breaches.
  • The healthcare industry had a heavy incidence of events, accounting for 24 percent of all breaches, yet accounted for just 9 percent of data records lost or stolen.
  • 20 percent of all records lost or stolen came from the technology industry, while retail represented just 1 percent of data records lost or stolen and 10 percent of all data breaches.
  • Government and education breaches accounted for less than 1 percent of total records stolen and 23 percent of data breaches.

    Source (News - Alert): SafeNet Breach Level Index (BLI) Q1 2014

    While the variation by sector in terms of number of records compromised versus number of successful breaches is interesting and instructive, one finding that provides context and food for thought deals with identifying those responsible for breaches. Here is a hint. It is not what the headlines might suggest.

  • Malicious outsiders accounted for 156 (62 percent) of total incidents during the first quarter, with over 86 million records stolen.
  • Malicious insiders only accounted for 11 percent of total incidents, but they were much more effective, accounting for 52 percent of records stolen.
  • Accidental loss represented 25 percent of total incident.
  • Hacktivist and state-sponsored attacks added up to only 2 percent of the total.

Source: SafeNet Breach Level Index (BLI) Q1 2014

There were approximately three breaches and 2.2 million records stolen each day, and more than 93,000 per hour. Additional quarterly breakdowns are available in the BLI Executive Summary.    

“The white noise of data breach reporting makes every breach seem just as bad as the last, but this is certainly not the case. Some organizations are handling customer data responsibly, and others are not. Tools like the Breach Level Index can help companies and the public alike understand the actual severity of breaches on a graduated scale and distinguish between these two groups,” said Tsion Gonen, chief strategy officer, SafeNet.  “In differentiating between secure and insecure breaches, it’s important to look at which victims have protected their data with encryption to limit the damage from a breach and render the date unusable to cyber criminals.”     

He could have added that there is a difference in velocity and ferocity and that just because your sector is not a prime target of those with malicious intent, does not mean that your organization should not be vigilant. In fact, what the headlines do highlight is the diversity of targets that have been selected.

Indeed, there can be some certainty since the bad guys are constantly probing for any vulnerability that if your organization is lax on implementing even basic best practices, the fact that you have not been breached is a “luck of the draw” happenstance and not a function of possibly being in a sector that tends not to draw hacker attention.  In addition, the numbers on the “effectiveness” of insider malicious attacks needs to be taken into full consideration. 

As noted above these reports can be used as calls to actions, and the recommendation outlined on the SafeNet blog by Trisha Paine, Senior Product Marketing Manager at SafeNet, in comments about the first quarter results are instructive:

At the end of the day, there is not a magic strategy; there is just thorough, well thought out planning. A good battle plan encompasses multiple layers of security in order to protect the kingdom. The important things include:

  • Awareness and recognition that there is a growing threat from inside your organization
  • Understanding that no industry is safe (healthcare was the number one breached industry in Q1 at 24%)
  • And that every organization, regardless of size, can take advantage of technology safeguards to protect their perimeter, infrastructure, and data.

That said, visualization is important, and taking what could be a somewhat recalcitrant management to the index page might only a take few minutes that could become extremely valuable for obtaining resources to improve your organization’s data risk management posture.

Edited by Maurice Nagle

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers