After two years of a rising number of cyber breaches, 2018 is on pace to taper off, according to Momentum Cyber's most recent mid-year cybersecurity review. There have been 668 known breaches in the first part of this year and if that rate continues, there would be 1,336. There were 1,093 in 2016 and 1,579 in 2017. Importantly, the report cites a 10% decrease in data breach-related costs, down to $3.62 million over the past year.
The almost 302,000 open cybersecurity jobs are also a contributing factor to the rise in breaches. And although there are about 768,000 employed cybersecurity professionals, less than two-thirds of breaches are detected by an internal notification; the rest, nearly 40%, are found by an external notification.
Prior to GDPR's May 25 deadline, in 2016 companies invested $5.1 million in data privacy. From year-to-date in 2018, investments rose to $132.7 million.
CIOs can rejoice that it costs less to deal with a data breach, but experts agree it's not a matter of "if" and attack or breach occurs, it's "when."
The dilemma facing tech organizations involves the current job market. Does a CIO fill more jobs to combat a problem that is largely identified from outside sources? Or would having more workers increase the odds that breaches are discovered internally? And are those same employees making attack vectors easier for bad actors through social media, applications and mobile devices?
To ward off the increase in data breaches, data encryption has become a cornerstone of security, but employees who bring shadow IT into the workplace may be ignorant to these security measures.
The more autonomous departments and employees get, the more IT they take on independently and free from central IT's authorization. This creates a void in security.
However, IT departments "treating shadow IT as a cancer and trying to kill everything" will not correct a company's underlying issues, said Patric Palm, CEO of Favro, in an interview with CIO Dive. The sense of freedom non-IT departments feel when customizing applications is from the cloud.
The cloud can lay an unintentional welcome mat for attackers. For example, AWS S3 buckets have been at the root of data leaks from the Department of Defense, WWE and Verizon, and this is largely because attackers are focusing on cloud-based storage and online repositories.
To address the issue with internal detection, organizations need to put a data curator in place to oversee and have control over data asset inventory. And most easily, organizations should use the tools readily provided for them by major cloud vendors. These services include automatic services that can crawl through buckets looking for personally identifiable information a company may have collected.