Preventing and managing data breaches have become two of the highest priorities facing businesses today. Many evolving factors such as new threats, regulatory changes and technological advances make the data breach landscape difficult to navigate.
“It has been an explosive year with an increase in the number of data breaches and identity theft cases over last year, so we are sharing our perspectives with the industry to help businesses navigate this complex environment,” said Michael Bruemmer, VP at Experian Data Breach Resolution. “It is more important than ever for companies to prepare for a data breach and stay ahead of the game.”
The rise — and fall — of payment breaches
Adoption requirements for Europay, MasterCard and Visa (EMV) “Chip and PIN” technology being implemented later this year may drive an increase in the frequency of payment breaches as the window closes for hackers to profit from this type of attack on brick-and-mortar retailers. However, businesses should be wary of the potential for the new infrastructure creating a false sense of security for consumers.
“New technology that would replace magnetic-stripe credit cards with a microchip is a step in the right direction to protect against cyberattacks on brick-and-mortar retailers, but it isn’t a silver bullet,” added Bruemmer. “Because EMV technology already exists in Europe, and the U.S. government publicly announced it will require implementation in the fall of 2015, cyberthieves likely already have identified vulnerabilities to target in the new infrastructure. It also doesn’t help those who have been a victim of a breach already so these consumers are still at risk for identity theft and fraud.”
The growing threat of healthcare breaches
The expanding number of access points to Protected Health Information (PHI) and other sensitive data via electronic medical records and the growing popularity of wearable technology make the healthcare industry a vulnerable and attractive target for cybercriminals. Several factors suggest the healthcare industry will continue to be plagued with data breach headlines in 2015.
“The growing number of vulnerabilities and the sheer size of the healthcare industry led to an increase in widely publicized security incidents this year, representing about 42 percent of all major data breaches reported in 20141,” said Bruemmer. “We expect this number will continue to grow until the industry comes up with a stronger solution to improve its cybersecurity strategies.”
A fresh breach surface via the Internet of Things
Like it or not, the Internet of Things is spreading rapidly, offering a wide range of benefits for businesses looking to review data and optimize performance. More devices are being created with Wi-Fi capabilities and sensors that create the opportunity for everyday items to relay information over the Internet and communicate with each other. As more companies adopt interconnected systems and products, cyberattacks also will likely increase via data accessed from third-party vendors.
“While the Internet of Things has huge potential, it also brings more points of vulnerability for organizations,” said Ozzie Fonseca, senior director, Experian Data Breach Resolution. “As companies adopt more interconnected products and systems, the Internet of Things could usher in the next wave of large third-party breaches. Businesses taking advantage of these technologies must address risk management and security with all of the platforms that collect or house personal information.”