They say there is nothing new under the sun, and with respect to data breach incidents, the saying is mostly true. In fact, the most successful data breach methods from last year are still among the key methods being used this year. But there are several steps retailers can take to avoid data breaches, or at the very least mitigate their impact.
Retail TouchPoints spoke to Chris Novak, Director of Investigative Response, Verizon Enterprise Solutions and author of the Verizon Data Breach Study, who revealed that a retailer's greatest asset is its employees. In fact, the simple act of communication with, and among, store associates about the appropriate response to a data breach can be what separates a retailer from the potential loss of millions of dollars — not to mention long-term damage to the company's reputation. It's also vital to close security gaps quickly once they are discovered, given that 90% of vulnerabilities exploited by criminals are at least one year old.
Verizon’s ninth annual Data Breach Investigations Report (DBIR) provides an in-depth look at the cybersecurity landscape, drawn from more than 100,000 security incidents worldwide in 2015, with key findings that include:
- 97% of breaches featuring stolen credentials leveraged legitimate partner access;
- 90% of vulnerabilities that are exploited are over one year old;
- 70% of payment card skimming incidents can be blamed on criminal organizations; and
- 63% of confirmed data breaches involved weak, default or stolen passwords.
Hackers Moving Faster
Financial firms were hit with the most data breaches last year, with some 795 breaches, followed by the accommodation/hotel sector (282), information sector (194), public sector (193), retail (137), and health care (115).