Data breaches are on the rise and things are bound to get worse before they get better, SolarWinds Head Geek Destiny Bertucci tells Open Access Government
For better or worse – and most would argue worse – 2016 was a year of change, from celebrity deaths to the shifting sands of politics. Data breaches were also subject to change, with the threat and damage of breaches only intensifying, to the extent that they now top the list of government concerns.
A government survey reported that two-thirds of large businesses in the United Kingdom were hit by a cyberattack in the past year. It was uncovered last year that in 2014, Yahoo! fell victim to the biggest data breach in history, losing nearly 500 million accounts’ worth of personal user data to attackers.
A data breach costs a business money, damages its reputation, and can impact its customers in deeply concerning ways. That being said, the carnage wrought by a massive data breach in a governmental organisation can have far worse consequences.
Data breaches disaster
A data breach in a government organisation can result in severe ramifications, not just for the organisation, but also for the government’s citizens, with personal data potentially falling into the hands of the attackers. Two major government breaches took place in the United States in 2015, compromising the personal data of over 22 million people.
It was only a couple of years ago that the NHS topped the list of serious data breaches, with nearly 2,500 breaches of patient confidentiality. Top this off with possible theft of sensitive government data, and it is clear that the damage caused by a data breach is catastrophic.
As data breaches continue to evolve from the work of basement dwellers to frighteningly well-equipped and well-financed operations, both the volume and visibility of these breaches are likely to increase. However, before you start trying to figure out ways to lock yourself and your data in some underground hacker-proof bunker, you should know that 1) it wouldn’t work anyway, and 2) things may not be as bad as they seem.
It will get worse before it gets better
Much like the common cold and the Fast and the Furious film series, some things must get worse before they can get better. As the year goes on, cyberattacks are expected to get more prolific. However, one benefit of this is that it will likely increase awareness in government organisations and result in better preparation.
We can also expect new information security firms to enter the marketplace to help tackle this issue, providing guidance on penetration testing and other security expertise. Given the amount of data breaches taking place, this is a market gap that will surely soon be filled.
Sadly, this may also result in a high number of charlatans peddling their wares, offering subpar security advice under the guise of expertise. Given that government funding has increased for cyber security, it is important that organisations are not duped by both attackers and those purporting to stop them.
More businesses will have to weigh the cost of a breach versus the cost of paying for protection, sometimes opting for the former. This is especially likely with ransomware, when there is no guarantee that the attackers will give up the data once their demands are met.
As the year goes on, more attacks will lead to greater exposure and a higher number of preventative methods. While it may be a year in which data breaches become even more ubiquitous than they already are, just remember that sometimes things really do need to get worse before they get better.