The Rippleshot Data Breach Blog

Three Data Breach New Year's Resolutions

Written by Marci McCalmon | Jan 5, 2016 12:00:00 PM

As we start 2016 off, is security against data breaches on your company’s new year’s resolutions list? Over 750 data breaches were reported in 2015 and we will likely see an increase in quantity as well as impact in 2016. Experian recently released their annual Data Breach Industry Forecast and while breaches are expected to increase, who they are targeting and their methods are expected to change. Based on this report, we’ve created a helpful list of three things to add to your company’s new year’s resolutions for 2016.

Data Breach New Year’s Resolution #1: Protect against a shift in fraud to card not present transactions.

The biggest buzz around data breaches in 2015 was the adoption of the EMV chip and pin payment technology. As we’ve noted previously, the adoption has begun, but is well behind schedule. Experian reports that 86 percent of small businesses have not yet made the transition. Additionally, ATM networks and fueling stations have until 2018 to transition their POS systems, so they are likely to become targets. While it will take time, as merchants do start to upgrade their POS systems to accept the EMV cards, Experian is predicting that fraud will shift to online transactions. This was the trend that occurred when Europe implemented EMV over a decade ago. It is important for businesses to not only implement EMV, but also monitor online transactions for fraud.

Data Breach New Year’s Resolution #2: Make training all of your employees on data security a priority.

While there were a number of large data breaches in 2015, the ones that had the most damage to companies and consumers were the smaller ones, many of which go unreported in the media. Experian associates this with a general lack of training for employees on how to create safety for important customer data. They report that less than half of organizations have any regular training on security of data. A simple understanding of how to handle paper records, resetting passwords regularly and keeping company property, like laptops, secure is critical. There is no time to waste on this, Experian notes. As the workforce gets younger, employees tend to use their own personal devices or communication mediums for professional means. Be sure to add security training to the calendar this year.

Data Breach New Year’s Resolution #3: Have a policy in place to handle corporate extortion.

While credit card information is still valuable on the black market, many criminals are turning to corporate extortion to hit a big payday. According to Experian, 38 percent of companies have already reported being a target of a cyber-extortion. It is critical for organizations, regardless of size, to plan ahead and create a strategy for how to respond to this type of threat. Experian recommends covering your business by purchasing a cyber insurance policy.

In 2016, Experian indicated that the presidential election campaigns, including data on campaign donors, will be a big target for data breaches. Experian also predicts an increase in hacktivisim, like the Ashley Madison data breach. Individuals aiming to expose corporations that they disagree with. In those incidents, money is not the motivating factor, but reputational damage and business disruption.

Review more key industry statistics in our special data breach statistics section of the blog here. Paired with these three resolutions, you will be setting up your organization for a successful and secure 2016.