Data breaches continue to trend upward as we move into 2017, but the industries being exposed most often have stayed the same for the last five years or so.
Is your industry vulnerable?
Stealing information is the modern gold rush. Criminals from all corners of the Earth are scratching and clawing at firewalls, network security solutions and hard disk drives in an effort to get their hands on files and folders that can fetch a pretty penny on the black market.
CS Identity, a data breach remediation company, compiled a list of the five industries that cybercriminals targeted most often in 2014, and in particular, how many breaches they accounted for:
- Business: 33 percent of all breaches.
- Health care: 43 percent.
- Government: 12 percent.
- Education: 7 percent.
- Financial: 6 percent.
Business and health care continue to have a stranglehold atop the list popular sector hackers are targeting, accounting for 3 in every 4 breaches. These incorporate mainstays like Home Depot and Target, both of which suffered massive data breaches in 2016, as well as hospitals and health care organizations that fall under Health Insurance Portability and Accountability Act regulations.
A study conducted by IBM and The Ponemon Institute found the average cost per record breached is roughly $158—this accounts for breach notification, remediation and litigation that normally follows. But in the health care sector, this can run up to as high as $355 per record. CSID reported that each financial record can cost a business $215 on average.
While the fiscal factors pose a challenge to organizations, the ability to even find out if they’ve been hacked or not has proved even more difficult. A Gemalto study found that 52 percent of all data breaches that took place in the first half of the 2016 fiscal year don’t have an exact figure of records stolen attributed to them.
Businesses have a trove of solutions to defend against cyberattacks—and these are often caught and accounted for—but what may be posing more of a problem is identifying physical data breaches. For instance, when a company or its employee throws away an old computer without properly wiping the hard disk drive first. These types of hacking attempts are difficult to quantify, but they can run up a serious bill—and the possibility of jail time—for companies that find themselves in this sticky situation.
Protecting against the preventable
While there will always be 1,000 cybersecurity defense solutions, there’s really only one tried and true way to stop a physical data breach in its tracks—degaussing. Certified by the National Security Agency as the only surefire way to erase data within compliance, degaussers demagnetize the hard disk drive, making it completely inoperable.
In contrast, many enterprises resort to cheap methods of bleaching their hard drives, like using software wipes or crushing the device without deleting anything at all. These present even more problems because it tricks companies into believing they’re secure from a physical data breach. Quite the contrary—software wipes just scramble the ones and zeros. Any above-average skilled hacker could still recover the data. Similarly, destroying the device without deleting the data completely leaves fragments of the hard drive around. Since the bits are magnetized, strings of information can still be recovered.
“Take the time to cross physical threats off the list with a degausser.”
Cyberattacks can be difficult to predict, but businesses and health care organizations alike can cross one danger off the list by degaussing before they dispose of retired or old electronics. Take the Proton 1100, for example, which is essentially a wand that can erase the data off most devices. Larger corporations may want something with a little more power, like the T-4 degausser, which can handle any present or future technology with ease.
Foregoing physical data protection can mean a world of pain for any enterprise thinking they can avoid having to pay up for it. Countless fees are tacked onto the big ones like paying legal fines—this includes lost productivity due to having to recover from a data breach and loss of consumer confidence, which could affect long-term financial goals of the company.
Ultimately, it’s better to be safe than sorry. By degaussing, organizations ensure that even if one of their computers winds up in the hands of a thief, there’s no possible way for someone to recover the information the device once held.