Data breaches ‘becoming more complex and dangerous’

Data breaches ‘becoming more complex and dangerous’ [Image: xijian via iStock]

New research has revealed that data breaches are becoming more complex and no longer just impact the IT department, but now involve every department in affected companies.

The Verizon 2017 Data Breach Digest, the latest annual report from the company, found that every breach leaves a “lingering, if not lasting imprint on an enterprise”.

According to Verizon, humans have a significant role in data breaches and cybersecurity incidents. They are threat actors, targeted victims and incident response stakeholders. The report highlights that disgruntled employees are a significant threat to organisations.

The Data Breach Digest details 16 common breach scenarios, and explains how various stakeholders are affected, including corporate communications, legal counsel or the human resources department.

Bryan Sartin, executive director of the RISK Team at Verizon Enterprise Solutions, explained: “Data breaches are growing in complexity and sophistication. In working with victim organisations, we find that breaches touch every part of an organisation up to and including its board of directors.

“Companies need to be prepared to handle data breaches before they actually happen in order to recover as quickly as possible. Otherwise, breaches can lead to enterprise-wide damage that can have devastating and long-lasting consequences such as a loss of customer confidence or a drop in stock price.”

The 2017 Data Breach Digest highlights five actions an organisation should take immediately after suffering a breach. These include preserving evidence and being flexible by adapting to evolving situations.

Verizon also encouraged enterprises to establish consistent communication methods and to collaborate with other key stakeholders who may have more developed skills in certain areas. Organisations should also document their actions and findings, and be prepared to explain them when necessary, according to the report authors.