These questions are answered in a new report from Bitglass. The report is titled “2019 Financial Breach Report” which is published yearly. The report analyzes the latest cybersecurity trends, biggest breaches and top threats facing financial services organizations.
Key insights from the 2019 report include:
More than 60 percent of all leaked records in the past year were exposed by financial services firms. The cost of an impacted record remains high. The typical cost per breached record in financial services stands at $210, and this has increased on top of 2018. Impacted records in financial services exceed the per-breached-record cost of all other industries except healthcare, which stands at a colossal $429 per record.
Only 6 percent of all breaches in 2019 were suffered by financial services firms – but these breaches exposed far more records than the average data breach. Part of the reason for this large figure relates to the Capital One mega breach, which compromised more than 100 million records.
Other major data breaches following Capital One in 2019 affected Centerstone Insurance and Financial Services; followed by issues impacting upon Nassau Educators Federal Credit Union.
Putting Capital One to the side, it still stands that average breaches in financial services companies still tend to be larger and more detrimental than other sectors’ breaches.
Hacking and malware were the primary cause of data breaches in financial services in 2019. Other reasons for data breaches included inside threats and accidental disclosures. An insider threat is where a malicious threat to a business arises from people who work within the organization, like employees or contractor. Threats occur when such people have inside information concerning the organization’s security practices, data and computer systems.
The report concludes that despite advances in technology it remains that many organizations are still not utilizing the appropriate tools required to secure critical data in the cloud. Consequently, many companies are suffering from recurring breaches as a result.
Appropriate ways to secure data is through the use a modern cloud and security protocols to govern the ‘bring your device to work’ (BYOD) environment.