New research has found that out of the 160,000 reported cyber-attacks in 2017, 93 percent of them could have been avoided if basic security measures were in place.
Unsurprisingly, 2017 was hands down the worst year yet for data breaches and cyber incidents, including ransomware attacks, IoT incidents, data theft, and business email compromise. The 2017 Cyber Incident & Breach Trend Report found these unsettling findings from cyber incidents in 2017
The breaches of 2017 are hard to forget. From the Equifax breach of 145 million peoples personal financial data, Uber’s scandalous breach cover-up from data belonging to 57 million riders and drivers, to Verizon’s unsecured Amazon Cloud server resulting in the exposure of 14 million customers. The report also found that there were 134,000 ransomware attacks on organizations in 2017, compared to nearly half that amount in 2016. And unfortunately, the breach trend continues to soar upward in all elements- the number of breaches, number of exposed records, and the number of countries/organizations impacted.
This report found that the majority of data breaches, nearly 52 percent, were the result of malicious hacking. The next most common causes of a data breach include the absence of proper security software (15 percent), card skimming (11 percent), lack of internal controls (11 percent), and phishing attacks (8 percent).
While there’s no such thing as perfect security, there’s no excuse to neglect the essential security best practices. Regardless of an organizations size or amount of resources, they must plan for the inevitability of falling victim to a cyber-attack, or risk putting users and the organization at risk.
NNT recommends minimizing your attack surface by using CIS Benchmark secure configuration guidance to harden systems against an attack. Known vulnerabilities can be removed and defenses strengthened by applying an expert-derived configuration policy.