Everywhere you look there are new reports of cyber breaches.
- A Business Insurance article reported on an Orlando, Florida-based resort firm’s cyber breach that may have affected its payment card network for almost a year and a half.
- An article in Bloomberg reported a 20-foot Bowman Avenue Dam on the outskirts of Rye, New York, is so inconsequential that many residents of the affluent commuter town didn’t even know it existed. But Iranian hackers did.
In an interview with The Guardian, Lloyd’s of London Chief Executive Inga Beale warned that manmade risks like terrorism, cyber-attacks and climate change have steadily outstripped flooding, fires and earthquakes as the world’s biggest threats.
So what does this all mean?
Here are some key findings from Net Diligence 2015 Cyber Claim Study of 160 claims.
- PII (Personal Identifiable Information) was the most frequently exposed data (45% of claims), followed by PCI (Payment Card Industry) (27%) and PHI (Protected Health Information) (14%).
- Hackers were the most frequent cause of loss (31%), followed by Malware/Virus (14%). Staff Mistakes and Rogue Employees tied for third (11%).
- Healthcare was the sector most frequently breached (21%), followed closely by Financial Services (17%).
- The largest breaches occurred in the Retail sector, followed by Healthcare.
- Nano (extremely small) organizations experienced the most incidents (29%), followed closely by Small organizations (25%). Extremely large breaches occurred in Nano, Small and Large organizations.
- There was insider involvement in 32% of the claims submitted.
- The average number of records lost was 3.2 million.
- The average claim was $673,767.
- The average claim for a large company was $4.8 million, while the average claim in the Healthcare sector was $1.3 million.
- The average per-record cost was $964.31.
- The average cost for Crisis Services (forensics, notification, credit/ID monitoring, legal guidance/Breach Coach® and miscellaneous other) was $499,710.
- The average cost for legal defense was $434,354.
- The average cost for legal settlement was $880,839.
In summary PII, any information that can be used to distinguish one person from another, is the most frequently exposed data. Hackers are the most frequent cause of loss, but insider involvement amounts to almost one-third of the cases. Nano organizations (extremely small) experienced the most incidents, but they don’t receive much press so they believe they have minimal vulnerability. BUSINESSES OF ALL SIZES ARE AT RISK.
We hope you have found this blog educational. At the Armstrong Timeshare Association we strive to keep you informed. To receive more information about our association or to request a topic of interest for us to blog, email: firstname.lastname@example.org
Or Join Our Association now, membership is free!
Armstrong Timeshare Association (License #0I72697)