However, this still represents the exposure of some 1.4 billion records. The research from Risk Based Security also shows a shift in tactics. The spike in the value of cryptocurrencies that took place in January 2018 fuelled a rapid expansion into the theft of computing resources.
The top five breach types that dominated recent reports, hacking, skimming, inadvertent disclosure on the internet, phishing and malware, remain the same in 2018. Similar, the vast majority of breaches are still originating from outside the organization, as most events are being discovered by external parties.
When it comes to the time it takes a company to disclose a breach, according to the research it typically takes a business 37.9 days between identifying a security breach and disclosure. According to security expert, Graham Cluley, that’s down from 42.7 days in the first quarter of 2017, and 68.9 days in Q1 2016.
Therefore the average number of days it takes for companies to report a breach after initially discovering it has continued to drop from year to year, however, it’s still taking businesses far too long to admit to a breach, and that could ultimately lead to companies getting into trouble with regulators – especially with the imminent arrival of GDPR.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now