Data Breaches and Data Loss Protection Systems
2024: Google to pay $350 million in compensation for data privacy violations at Google+
Google will pay compensation for data privacy violations on the social network Google+. This was announced on February 12, 2024 by the press service of Anton Nemkin, deputy of the State Duma of the Russian Federation. More here.
2022: Business mail cyber attacks lead to $43bn losses
The FBI and its Internet Crime Complaint Center (IC3) found that $43.31 billion was stolen from June 2016 to December 2021 as a result of more than 241,000 incidents. This became known on May 5, 2022.
Hacking business email is still profitable for cybercriminals.
Business Email Compromise (BEC) fraud allows an attacker to carry out unauthorized transfers of funds by hacking a business or personal email account using social engineering or computer intrusion. According to the FBI, as of May 2022, thefts of employees' personal information, payroll and tax report forms (W-2) and crypto wallets are also carried out.
The figures in the report are likely the bottom line of the actual figures given that a large number of incidents remain unreported, said Andy Gill, senior security consultant at LARES Consulting.
BEC attacks are often conducted using targeted phishing to gain access to mailboxes. The attacker is looking for important topics, such as correspondence with the supplier or with an employee within the company, to further attack workers or an external company, Gill added.
BEC fraud was registered in all 50 states and 177 countries, with fraudulent transfers made in more than 140 countries, the FBI explained. Based on IC3 financial data for 2021, most of the fraudsters' funds passed through banks in Thailand and Hong Kong. China, which was among the two largest recipients of funds in previous years, took third place in 2021, followed by Mexico and Singapore.
According to specialist Sunil Yu from JupiterOne, BEC cybercriminals also had a support structure, including the presence of money mules. Smurfers handed over laundered stolen funds to scammers.
Broader awareness campaigns and stricter and more public punishments for money mules can curtail their activities and prevent attackers from stealing misappropriated funds, Yu said. When transfers of funds slow down or stop, the victim will have a chance to return the stolen funds when a hack is detected[1].
2021: Data breaches cost companies an average of $4.24 million
On July 28, 2021, IBM Security shared the results of a global study on the financial assessment of the damage from data breaches. Each such case, on average, costs the companies participating in the study $4.24 million - this is the highest value in 17 years of IBM research. An in-depth analysis of data leaks in more than 500 organizations showed that security incidents lead to increased costs and are more difficult to contain, because the way organizations work has changed dramatically in a pandemic. The damage increased by 10% compared to 2020.
In 2020, companies had to urgently adapt their approaches to the use of technology, since many organizations recommended that employees work from home or made remote work mandatory, and 60% of organizations began to use cloud solutions to a greater extent during the pandemic. Judging by the latest results, the field of information security (IS) does not seem to be keeping up with the rapid changes in IT, and this affects the ability of companies to respond to data leaks.
The annual Cost of a Data Breach Report conducted by the Ponemon Institute with sponsorship and analytical support from IBM Security revealed the following trends:
- Impact of remote work. The rapid transition to remote work during the pandemic presumably increased the amount of damage from data leaks. In cases where remote operation was recognized as one of the reasons for the leak, the damage was on average $1 million higher than in situations in which this factor was not involved ($4.96 million versus $3.89 million).
- The damage from leaks in the healthcare sector has grown. Industries that had to radically change their approaches to work during a pandemic (health care, retail, hotel and restaurant business, production and distribution of consumer goods) also faced a significant increase in damage from data leaks compared to 2020. The most expensive leaks are in healthcare: $9.23 million per case, which is $2 million more than in 2020.
- Compromise of accounts leads to data theft. Access with stolen credentials caused most of the leaks identified in the study. At the same time, attackers most often stole the personal data of ordinary users (name, email address, password) - data of this type was affected in 44% of leaks. The result is a spiral: by stealing a username and password, an attacker may gain access to new information in the future.
- Modern approaches help reduce losses. The use of artificial intelligence, information security analytics and encryption are the three main factors that have proven to be effective in reducing the costs associated with data leaks. Savings ranged from $1.25 million to $1.49 million (compared to organizations where these tools are practically not used). As for data leaks in the cloud, leaks cost organizations using hybrid clouds less ($3.61 million) than those that use only a public cloud ($4.80 million) or only a private cloud ($4.55 million).
"Higher losses from data breaches are another expense to business amid rapid technology changes during the pandemic," said Chris McCurdy, vice president and CEO of IBM Security. "Over the past year, damage from data breaches has reached record highs, but the report also showed the positive impact of modern defense techniques such as artificial intelligence, automation and the application of a zero-trust approach - they could potentially further reduce damage from such incidents."
Due to the pandemic, people are increasingly using digital means of communication. Companies switched to remote work and cloud technologies, adjusting to the realities.
The report showed that these factors significantly affect the ability of companies to respond to data breaches. Almost 20% of organizations that took part in the study noted that remote operation became one of the reasons for data leaks, and the associated leaks cost organizations $4.96 million (almost 15% more expensive than average).
Companies that participated in the study and faced leaks during the transition to cloud solutions suffered damage that exceeded the average by 18.8%. However, the study also found that companies that moved further than others along the path of upgrading and moving to work in the cloud (that is, were at a more "mature" stage) were more effective at identifying and preventing incidents - on average 77 days earlier than organizations in the initial stages. A study of data breaches in cloud infrastructures showed that leaks cost organizations using hybrid clouds less ($3.61 million) than those that use only public clouds ($4.80 million) or only private clouds ($4.55 million).
The report also revealed a growing problem: leaks entail compromising consumer data (including credentials), which can later be used to carry out other attacks. 82% of individual users who participated in the study admit that they use the same passwords for different accounts, so compromising credentials is, on the one hand, the main cause of information leaks, and on the other, leads to further negative consequences, which means it is a double risk to business.
- Personal data ends up in the hands of scammers. Almost half (44%) of the analyzed leaks were related to the theft of consumer personal data (name, email address, password, and so on - even medical details), and this is the most common type of incident in the report.
- The biggest damage occurs when identifying personal data is stolen: $180 for each stolen record, compared to $161 per record on average across all leak categories.
- The most common method of attack. Compromised credentials were most often used as a means of hacking (20% of data breaches analyzed).
- Longer detection and suppression. It takes longer to identify leaks caused by compromising credentials - an average of 250 days (compared to the total average of 212 days).
Some changes in IT during the pandemic have increased the cost of data breaches, but organizations that have not modernized their businesses are actually incurring higher costs associated with leaks. In organizations that have not begun digital transformation due to COVID-19, the damage from one leak turned out to be $750 thousand higher than the average for all organizations (16.6% higher than the average).
The "zero trust" approach helps companies that participated in the study combat data breaches. It assumes that any user on the system, or the network itself, may already be compromised, and uses artificial intelligence and analytics tools to continuously check connections between users, data and resources. In organizations with a developed "zero trust" approach, the damage from data leaks averaged $3.28 million - $1.76 million lower than in companies that did not implement this approach.
The report also showed that for July 2021, more companies are deploying security automation compared to previous years, and this leads to a significant decrease in costs. About 65% of the companies that took part in the study indicated that they partially or fully deployed information security automation tools - up from 52% two years ago. In organizations that deployed in full, the average amount of damage from data leaks was only $2.90 million, and for companies that did not use automation at all, the same figure was more than double - $6.71 million.
Companies that took part in the study managed to reduce the cost of dealing with the leak by investing in teams and incident response plans. Organizations that created incident response teams and tested their response plans spent $3.25 million on average to eliminate the consequences of the hack. At the same time, companies that did not do this had to spend an average of $5.71 million (the difference is 54.9%).
Some additional findings from the 2021 study:
- Time for elimination of leaks. It took an average of 287 days to identify and eliminate the data breach (212 to identify, and another 75 to neutralize) - a week more than in 2020.
- Giant data breaches. The average damage in the case of a giant leak (from 50 to 65 million records) amounted to $401 million. This is almost 100 times more than in most of the usual leaks analyzed during the study (from 1 thousand to 100 thousand records).
- Industry specificity. The most expensive were leaks in the healthcare sector ($9.23 million), in second place was the financial sector ($5.72 million), in third - pharmaceuticals ($5.04 million). In retail, multimedia, hospitality and the public sector, the damage was lower on average, but it, too, rose markedly from 2020.
- Regional specificity. The most expensive leaks occurred in the United States ($9.05 million per case), followed by the countries of the Middle East ($6.93 million) and Canada ($5.4 million).
The 2021 Cost of a Data Breach Report, compiled by IBM Security and the Ponemon Institute, is based on an in-depth analysis of real data leaks of up to 100,000 records that occurred in more than 500 organizations around the world from May 2020 to March 2021. The study takes into account hundreds of factors that affect costs: legal, regulatory and technical aspects, as well as damage from negative impact on brand image, loss of customers and decrease in employee productivity.
2020
The total amount of fines and compensation for data leaks amounted to about $385 million
On March 11, 2021, InfoWatch announced the results of a study of the financial consequences for legal entities of incidents related to leaks of personal data and other confidential user information. Based on a study of open sources around the world, 118 cases of fines and compensation payments for violations that led to data leaks were found. Compared to 2019, the number of detected fines and compensation payments increased by 9.3%. Their total amount in 2020 amounted to about $385 million.
In 2020, the leaders in the number of fines were the United States and Singapore - they accounted for 28 and 23 financial penalties, respectively. The top five countries in terms of the number of penalties assigned also included Romania (11 fines), Italy (9 fines) and the United Kingdom of Great Britain and Northern Ireland (5 fines). Like the year before, the U.S. ranked first among countries in terms of average penalty. Its amount in 2020 amounted to $13 million.
The number of fines issued by regulators of the EU countries for leaks amounted to 35.6% of all fines, but the average fine here was only $93 thousand.
In Russia, for the studied period, reports of 4 fines for personal data leaks totaling 510.5 thousand rubles were found in open sources. Thus, compared to 2019, when 6 assigned fines were identified for a total of 180.5 thousand rubles, in 2020 the amount of fines increased by 2.83 times. The average amount of the fine was 127.6 thousand rubles.
In 2020, Russian courts decided to impose fines in cases initiated against such organizations as one of the collection agencies in the Novosibirsk region, National Recovery Service LLC, the German Language Center at Volgograd Social and Pedagogical University, as well as the Central District Hospital of the city of Nikolaevsk-on-Amur.
This study was carried out in two sections, where the first part is the calculation of the actual number of fines and compensations assigned by regulators for leaks of confidential information, including personal data. The second part is the search for a connection between the financial condition of the organization, the value of its assets and official reports of leaks. It is clear that for a public company, both the fact of the leak and information about its scale, which became public, are fraught with losses on the stock exchange. According to our observations, after the leak of the company, on average, in the first hours after the announcement of the incident, the fall looks small, within 1%, but we must not forget that behind this figure for a large company is the loss of many tens, or even hundreds of millions of dollars. An important factor affecting the possibility of leveling reputational risks and stabilizing the value of shares is the behavior of the company itself after the leak, the transparency of measures to eliminate the consequences of the incident, said Andrei Arsentiev, head of analytics and special projects at InfoWatch Group of Companies.
In the industry distribution, 50% of the world's fines fell on high-tech companies, health care and retail. The largest drop in exchange indicators immediately after leaks was noted among companies in the Retail & HoReCa segment and in High Technologies (high tech, telecom, IT): by 2.29% and 2.02%, respectively. The industry and transport sector is the least susceptible to leaks: here, even after an incident related to the compromise of data, the stock price on average grew by 0.56%. The financial sphere can also be recognized as relatively stable: its participants' losses in the first hours after a leak were quite small - less than a quarter of a percent.
For March 2021, we can say quite confidently that the leak has a strong impact on the level of capitalization of the company in the short term, that is, in the first days after the incident was reported. In the future, other factors influence the formation of the stock price.
The authors of the report concluded that the regulators of the EU countries, relying on the provisions of the GDPR regulation that entered into force in 2018, continued to methodically fine companies that allowed leaks in 2020. At the same time, there were practically no large fines for leaks in the European Union during the pandemic. Most likely, in the near future, mega-fines (in the amount of tens and hundreds of millions of dollars) will mainly be issued by US regulators and only for high-profile leaks, that is, those in which millions of user data records may be lost. Aggravating factors will be the long-term concealment of leaks and insufficient attention by companies to the cybersecurity perimeter.
In 2021, first of all, we should expect an expansion of the geography of fines for leaks due to the fact that regulators in the field of information protection in many countries are gradually improving legislation based on realities, and are embarking on the path of methodical protection of user data as the main component of the digital personality.
In Russia, one should expect the appearance of fines related to ensuring the security of significant objects of critical information infrastructure (not leaks).
Cyber incidents with data theft over the past 5 years cost companies $10 billion
Cyber incidents with data theft over the past 5 years have cost companies $10 billion. This became known on November 10, 2020.
Security researchers at the Cyentia Institute analysed 103 so-called "extreme" cyber incidents over the past five years, which led to the biggest financial losses. As it turned out, identity theft attacks accounted for 46% of all incidents and led to huge losses of $10 billion. Cyberattacks using remote access malware accounted for 31% of all cases and cost corporations $9.2 billion.
The researchers found that some attacks resulted in losses of nearly 100 times the victim's annual income, while others resulted in losses of just 0.1%. Productivity damage, response costs and penalties were the most common forms of loss.
The likelihood of an incident varies from industry to industry, with government agencies, financial firms, administrative support and information services having the biggest risks. The financial, information and manufacturing sectors accounted for more than half of the 103 biggest incidents.
As experts found out, cybercriminal groups associated with foreign governments accounted for 43% of financial losses.
Fraud, ransomware, data breaches and cryptocurrency theft are the most expensive and most common types of "extreme" cyber incidents. The NotPetya malicious campaign of 2017 alone accounted for almost 20% of all losses[2].
Each data breach costs companies an average of $3.86 million
On July 31, 2020, it became known that the compromise of employee accounts led to the most expensive data leaks for 2020. This is reported in the annual global study of IBM and the Ponemon Institute. An analysis of information leaks showed that personal data of customers are disclosed in 80% of cases.
According to IBM Security, on average, each data leak costs companies $3.86 million, and the largest costs are associated with compromising employee accounts. The last type of leaks costs business more than the rest.
Despite the fact that the average cost of one leak, as the study shows, may differ several times depending on the country and region, the general trends outlined in the report are global and correct for most countries, including Russia. This applies, first of all, to the growth of the damage gap for unprepared businesses, compared to those for whom information security is a priority.
As explained, remote work and the growing scale of business operations in the cloud increase the risk of accessing sensitive information. A separate study by IBM showed that more than half of employees who had to master work from home due to the pandemic did not receive instructions for handling identifying personal data of customers.
The research by the Ponemon Institute and IBM Security is based on interviews with more than 3,200 information security specialists from 500 companies that have suffered data breaches in 2020.
According to the survey, intelligent technologies can halve losses from data breaches. Companies that have fully deployed cyber defense automation technologies have suffered half the losses from data breaches of companies that have not implemented such tools - on average, $2.45 million against $6.03 million.
Compromised credentials are costly. In cases where attackers gained access to corporate networks using stolen or compromised credentials, companies' data breach costs were $1 million higher than the global average and reached $4.77 million per leak. Exploiting third-party vulnerabilities ranks second in the list of reasons for data security breaches - $4.5 million, IBM's division in Russia and the CIS said in a message.
According to the results of the study, expenses due to leaks, in which more than 50 million data records were compromised, in 2019 increased from $388 million to $392 million. Leaks that compromised 40-50 million accounts cost companies an average of $364 million. This is $19 million more than in 2019.
Attacks financed by nation-states do the biggest damage. Compared to other sources of data security threats considered in the study, the most expensive were data breaches believed to be the result of actions by nation-states. On average, state-sponsored attacks result in costs of $4.43 million per data breach, which significantly exceeds the damage from financially motivated cybercriminals and hacktivists.
We have noticed that companies that have invested in automated technology can more effectively offset the negative impact of data breaches. For July 2020, when companies are expanding their digital capabilities at an accelerated pace, and there is a shortage of personnel in the field of information security, more and more efforts are required to protect the growing number of devices, systems and data. Automation of cyber defense can solve this problem. It contributes not only to a more prompt response to data breaches, but also to reducing associated costs, stated Wendy Whitmore, vice president of IBM X-Force Threat Intelligence.
Employee credentials and misconfigured cloud environments are vulnerabilities that attackers choose. Stolen or compromised credentials and misconfigured cloud environments are the most common causes of hacking. They account for about 40% of all cases, according to IBM and the Ponemon Institute. In 2019, more than 8.5 billion data records became the target of cybercriminals. In one in five cases, criminals used previously hacked emails and passwords. Companies are rethinking cyber defense strategies with a "zero trust" approach and reviewing how users are authenticated, as well as the levels of access rights they are granted.
Companies face the complexity of cyber defense. Because of this, the costs associated with leaks are growing, and errors in cloud configurations are becoming an increasingly difficult problem. A 2020 study showed that cybercriminals used errors in cloud configurations to hack networks in about 20% of cases, which increased associated costs by an average of half a million - to $4.41 million. This makes it the third most expensive initial attack vector considered in the study.
While such attacks account for just 13% of leaks, government-funded attackers caused the biggest damage. Presumably, this is due to the fact that attacks aimed at financial enrichment (53%) do not lead to large losses for companies. The high-quality preparation, duration and camouflage of state-funded attacks, as well as the value of the data they target, often lead to the greatest degree of compromise of victims. Because of this, the costs associated with data leaks increase on average to $4.43 million, the study notes.
According to IBM Security, in the Middle East, where state-funded cyberattacks have historically occurred more often than in other parts of the world, the cost of fixing data leaks increased by more than 9% on average over the year, to $6.52 million, which brought this region to second place in the list of 17 regions considered in the study. Among the most popular targets of state cyberattacks are energy sector companies. In annual terms, their expenses due to hacks increased by 14% - to $6.39 million.
The study highlights an increasing gap in the costs of eliminating the consequences of cyber attacks between companies that have introduced cyber defense technologies and the rest: enterprises that have fully deployed automation save $3.58 million more. Thus, the gap increased to $2 million in 2019 compared to $1.55 million in 2018.
The introduction of cyber automation technologies not only reduces the associated costs, but also significantly reduces the time to respond to data breaches. Thanks to AI, machine learning, data analysis and other forms of cyber defense automation, companies that have implemented these technologies are responding to data breaches 27% faster than those that have yet to implement them, the study found. This means that on average they take 74 days less to identify and stop the leak.
Preparedness to respond to incidents also continues to affect the financial impact of the leak, according to the survey. On average, companies that do not have response teams and do not test response plans spend $5.29 million to eliminate the consequences of hacking. In companies that have incident response departments and conduct regular practical training or experiments to test response plans, these costs are $2 million lower.
IBM specialist Alexei Vorontsov says that on average 70% of organizations around the world expect an increase in the amount of damage caused by leaks due to the transfer of employees to remote work in 2020[3]
2019
Chicago broker Phillip Capital fined $1.5 million for data breach
On September 18, 2019, Zecurion reported that a Chicago-based securities trading company was fined $1.5 million for failing to comply with industry standards to protect sensitive data. Read more here.
Financial damage to medium-sized businesses from hacks and data breaches is estimated at $3.9 million
As it became known on July 24, 2019, the financial damage from hacks and data leaks continues to grow and as of July could average up to $3.9 million for medium-sized businesses. This was reported in a research report by IBM Security.
As reported, experts assessed the costs of eliminating the consequences of data leaks. According to the study, over the past five years, this figure has grown by 12% and as of July 2019 averages $3.92 million.
On average, expenses for the largest organizations (more than 25,000 employees) amounted to $5.11 million. Companies with fewer than 500 employees lost more than $2.5 million. For small companies, this amount can "eat up" a significant part of annual income. Small organizations thus have higher costs compared to large companies, which may limit their ability to recover financially from an incident.
According to experts, the costs associated with the hiring of third-party information security companies, legal expenses, investments in security, and compensation payments and fines are not always immediately displayed on the budget of companies.
In fact, the consequences of data breaches can be felt over the years. According to the report, an average of 67% of spending is within the first 12 months of the data breach, 22% within the second year and 11% within two years. Medical, financial, pharmaceutical and energy companies could face additional costs over time, the report noted.
On average, organizations take 206 days to detect a data breach and another 73 days to fix it completely. According to experts, cases of data leaks in connection with cyber attacks are more common than those caused by system errors or human factors. The former account for 49% of all recorded incidents.
For one stolen record, companies may face a fine of up to $150, that is, the leak of 1 million records will cost the company up to $42 million, and 50 million - up to $388 million.
Of the 26 factors affecting data breach damage, the five most "costly" are third-party involvement, industry standard non-compliance, cloud transition, system and operating technology complexity. In particular, data leakage due to third parties increases costs by more than $370,000, leakage when switching to cloud environments - by $300,000, and system complexity - by $290,000.
Earlier, Equifax agreed to pay $700 million to victims of a massive data breach, and the largest hotel chain Marriott International will be fined £99 million for a data breach since 2014. [4]
2018: The maximum amount of damage in the case of data leakage in Russia amounted to 14 million rubles
On January 28, 2020, it became known that the InfoWatch Group of Companies expert and analytical center published the first report on judicial practice in cases related to leaks of limited access information. The study was conducted in order to identify the main and most obvious problems of law enforcement in the field of information protection. According to the results of the study, every fourth case ends with the issuance of a real or suspended sentence, and the maximum amount of damage in the case of information leakage, confirmed by the decision of the Russian court in 2018, is 14 million rubles. Read more here.
2015
Ponemon: The average loss from data leaks in the world $4 million
In June 2016, data published from a global study analyzing the financial consequences of data leaks in 2015 showed that data leaks cost companies an average of $4 million, an increase of 29% since 2013[5].
The study was conducted by the Ponemon Institute with support from IBM. Nearly 400 companies around the world were surveyed.
Quantitative and qualitative growth in cybersecurity incidents continues. In 2015, 64% more security incidents were reported than in 2014. As the complexity of these threats increases, they cost companies more and more.
The study found that companies lose $158 on every compromised data record. Even more expensive are leaks in tightly regulated industries, reaching, for example, $355 per data record in healthcare - $100 more than in 2013.
According to the results of the study, the most important factor in reducing losses from data breaches was the involvement of a team of specialists responsible for incidents. This saved companies an average of almost $400 thousand (or $16 per data record).
The cost of response measures (investigating causes, creating hotlines for clients, hiring lawyers, issuing regulatory orders) is 59% of the amount of damage from data leakage. Some of these costs may be explained by the fact that 70% of executives at US companies who oversee security issues reported having no incident response plans.
The study found a direct relationship between the amount of time to detect and suppress a data breach and the cost of eliminating its consequences. While leaks identified in less than 100 days cost the company an average of $3.23 million, the cost of leaks discovered later than the 100-day mark is on average $1 million more ($4.38 million).
Zecurion: 41 incidents were recorded in Russia, an average of $820 thousand losses
According to research by Zecurion, 41 internal incidents were recorded in Russia in 2014. In terms of the number of public incidents collected as part of the study, Russia holds second place after the leader, the United States.
According to analysts, published information about leaks is the tip of the iceberg. The real number of such incidents in Russia and the world is several orders of magnitude greater. In an attempt to understand the true scale of the problem of protecting information from leaks and the consequences of incidents, and to find out what efforts organizations are making to minimize insider threats, Zecurion interviewed its own customers using DLP solutions.
Survey result, 2015
The survey showed that most companies record from 11 to 20 serious incidents per year. Among the popular leak channels are email (53% of companies face attempts to transmit information via this channel), USB flash drives (45%) and Internet services (32%).
Analysts noted differences in the assessment of damage from leaks in Russia: while in world statistics each incident costs more than $25 million, in Russia this value reaches $820 thousand, and the maximum losses of a Russian company amounted to about $30 million. The main financial losses come from indirect damage: the deterioration of the customer base (especially in highly competitive areas) and the advantages gained by competitors.
Leak size in Russia, 2015
Zecurion Analytics calculated that in 2014, companies in the world lost $18.534 billion due to information leaks. This is significantly lower than in 2013: then the total damage was $25.11 billion. At the same time, there is also a trend of "depreciation" of leaks: the average damage from each incident decreased from $31.23 million in 2013 to $25.29 million in 2014.
In addition to the reduction in losses from each leak worldwide, there is also a general trend toward fewer leaks, which Zecurion's experts have been noting for several years. So, if in 2012 there were 825 leaks in the world, and in 2013 - already 804, then in 2014 - only 733. True, analysts emphasized that most of the leaks remain hidden - both from the press and from the owners of the information themselves. So there remains the possibility that leaks and their consequences have simply been hidden better over the past two years.
Number of reported information security incidents
If unintentional incidents prevailed in 2012 (44.5% versus 24.2% for targeted ones), then in 2014 the gap between them narrowed to only one and a half percent. This growth trend threatens organizations in the new year with a significant increase in financial losses from incidents.
The most common corporate data leak channels are web services (26.7%) and laptops and tablets (more than 14%). The share of leaks through non-electronic media has significantly increased - from 8.2% to 13.4%. In most cases, these are unintended leaks associated with careless handling of paper documents. Papers left in sight of office visitors or discarded in ordinary garbage containers often become public.
Compared to 2013, cases of leaks of financial and medical data of individuals decreased (a total of 26.8%). Other personal data still led among types of compromised information, with a share of 59.6% in 2014. Leaks of state or commercial secrets are much less common. Nevertheless, each such incident entails impressive financial losses and has serious reputational consequences, although information about such incidents rarely reaches journalists.
The United States remains the leader in the number of leaks - it accounts for 69.8% of all incidents. Russia is in second place: 41 internal incidents were recorded there in 2014, which is 5.6% of all leaks. In addition, large shares of leaks belong to the UK, Germany, Denmark, Turkey and China.
* for 11 months of 2014
Source: Zecurion, 2014
The most "leaking" industries in the world are:
- retail,
- state organizations,
- medical institutions,
- financial sector and
- education.
Moreover, all five sectors have shown an increase in their share of leaks for at least the second year. The transport industry, HoReCa, high technology and the industrial sector have reduced the number of incidents.
Ponemon: Average annual damage to companies from data breach - $3.8 million
The 2015 Global Cost of Data Breach Study was published in the spring of 2015 by the Ponemon Institute with support from IBM, based on 2014 data. According to the published results, the average annual loss of large global companies from data leakage amounted to $3.8 million, which is 23% more than in 2013.
Most countries have recorded an increase in damage from one lost or stolen record. This figure grew by 6% in 2014 and amounted to an average of $154, compared with $145 in 2013. The fastest growth in the cost of data loss was shown by the retail industry, where over the year the damage increased from $105 to $165.
The main results of the study:
- The study showed that business continuity management can reduce data loss damage by an average of $7.1 per stolen or lost record.
- The most expensive data losses occur in the United States and Germany, where the damage from one leak is $217 and $211, respectively. The lowest rates in India and Brazil, $56 and $78, respectively.
- The cost of a data breach varies by industry. Losing or stealing one record of sensitive data costs an average of $154. Health care companies are hardest hit by hacks: losing one record costs them about $363. For comparison, for companies in the transport industry, the same indicator is estimated at $121, and in the public sector - at $68.
- In many countries, the main cause (47%) of data leaks for companies participating in the study was the actions of hackers and cybercriminals. The cost of recognizing attacks and recovering from them reaches an average of $170. At the same time, a data leak as a result of system failures costs $142 per record, and a human error costs $137.
- The time spent recognizing attacks and recovering from them directly affects the size of financial losses. It takes an average of 256 days to detect malicious attacks. At the same time, errors caused by the human factor can be detected within 158 days.
- After a data breach, fewer customers remain loyal to the organization. According to 2015 data, on average, the loss of customers costs companies $1.57 million.
- Large data breaches (more than 10,000 records) are most likely in Brazilian and French companies. At the same time, in Germany and Canada, this possibility is the least likely.
- A more active board role in combating data breaches or acquiring insurance can reduce the cost of losing or stealing information to an average of $5.5 per record.
2013: Zecurion: Losses in the world $25 billion, in Russia - 4 billion rubles
In February 2014, Zecurion Analytics presented the results of its annual 2013 leak study. The number of hacker attacks and data theft by employees amounted to more than 30% of all cases of leaks.
The total damage from internal information security incidents increased by 25% compared to 2012 and amounted to just over $25 billion. This trend of rising costs from data leaks indicated that companies did not pay due attention to information protection, as a result of which they lost colossal amounts of money. So, on average around the world, the loss from one leak amounted to $32 million, while in Russia the amount of financial damage is slightly less, even though the maximum losses from one incident amounted to more than 4 billion rubles.
In 2013, the industry profile of leaks also changed. Most often, information leaked from healthcare organizations (16%), retail (16.2%) and government agencies (15.5%). At the same time, the most common channels are web services (24.5%), as well as laptops and tablets (a total of 16.3%). The number of leaks through e-mail has significantly increased - from 5.8% to 9.2%.
2012
Zecurion: 825 incidents in the world brought in $20 billion loss
Zecurion Analytics presented in June 2013 the results of the 2012 annual leak study. In total, 825 internal information security incidents were registered in the world, the total damage from which amounted to $20.083 billion.
Despite a slight decrease in the amount of financial damage from one information leak from $25.13 million in 2011 to $24.34 million in 2012, over the past years, the general trend of cost growth of affected companies has remained. According to forecasts of Zecurion Analytics, this trend will continue in the future. In 2013, the increase in damage from leaks will be due to tougher penalties for disclosing personal data in the European Union and Russia.
In 2012, the industry profile of leaks changed significantly compared to 2011. Most often, information leaked from educational institutions (20.1%), the public sector (16.9%), trade enterprises (12.4%) and medical institutions (12.3%). A year earlier, medical organizations "lost" the most data (20.4% in 2011).
The most common leak channel in 2012 is web services (20.5%). The share of leaks through laptops and tablets has significantly increased (16.5% in 2012 versus 10.1% in 2011). In turn, the percentage of leaks through email fell to the lowest value in the last few years, from 17.8% in 2010 to 5.8% in 2012. The latter trend is due to the widespread use of hardware for filtering and archiving mail. In addition, users themselves today are more responsible for transmitting corporate information via e-mail.
Ponemon: The average price of a data breach in the United States is $5.4 million, in Germany - $4.8 million
Symantec and the Ponemon Institute published in June 2013 the results of the joint study 2013 Cost of Data Breach Study: Global Analysis (based on materials for 2012). The data indicated that system failures and the human factor caused 2/3 of all information leaks and raised the global average loss from theft of 1 account to 136 US dollars. The list of key factors included employees' lack of understanding of what is confidential information, insufficient system control (system management tools), as well as non-compliance with state and industry standards. In strictly regulated industries such as the health care economy and pharmaceuticals, losses from information leaks were on average 70% higher.
The global average loss per compromised record has increased, while the price of one leak incident in the United States has dropped to $5.4 million. This decrease is due to the prevalence of the Chief Information Security Officer (CISO) position, which is responsible for company-wide security, as well as the formation of incident response plans and strengthening security programs in general.
The eighth annual global report is based on data on leaks from 277 companies in 9 countries: the USA, Great Britain, France, Germany, Italy, India, Japan, Australia and Brazil. The reports for each country, as well as the general report, can be found at the link. All considered cases of leaks occurred in calendar year 2012. In order to avoid distortion, the study did not take into account huge leaks with the theft of more than 100 thousand accounts.
Companies can assess their own leak risk using our leak risk calculator, which takes into account the size of the organization, industry, location, as well as the protection methods used and gives an assessment both on the scale of the account and the entire organization.
The main conclusions of the study:
- The average price of information leakage varies greatly between countries. Many of these differences are related to the types of threats that organizations have to deal with, as well as the specifics of information protection legislation in a particular country. In some countries, such as Germany, Australia and the United States, consumer protection legislation is more advanced, providing greater data privacy and overall cybersecurity. The United States and Germany have so far had the highest leak cost: an average of $188 and $199 for each compromised account and $5.4 million and $4.8 million, respectively, for each leak incident;
- Human and system errors are the main causes of leaks. Human factors and system errors are responsible for 64% of leaks around the world, while, as a previous study showed, 62% of company employees considered it acceptable to move corporate data outside the company and most employees never deleted data, thus contributing to leaks. All this gives an idea of what role the employees of the companies themselves played in the information leaks and what losses these companies subsequently incur. Brazilian companies are most affected by the human factor. And companies in India are most often victims of leaks related to system failures and violations of business processes. System failures included application failures, random data uploads, logical errors in data transfer, identification errors (illegal access), data recovery errors, etc.;
- Hacker attacks cost the most. Consolidated studies have shown that deliberate attacks cause 37% of all information leaks in the world, and in all the countries studied these leaks are the most expensive. Hacker attacks cost companies from the United States and Germany the most - $277 and $214 for each compromised account, while in Brazil and India this figure is only $71 and $46, respectively. In addition, German companies, along with companies in Australia and Japan, are most at risk of becoming victims of a hacker attack;
- Some organizational factors lead to lower costs. Companies in the United States and the United Kingdom managed to achieve the greatest reduction in leakage costs due to a strong strategy regarding information security, the availability of an incident response plan and the appointment of a head of IT security. The US and France have also cut costs by bringing in outside consultants to investigate leaks.
2011
Ponemon: Average loss - $5.5 million
In March 2012, Symantec and the Ponemon Institute announced the results of the next annual 2011 Cost of Data Breach Study: United States, which allows companies to assess the damage caused by information leaks. In 2011, for the first time in seven years, the average cost of a data breach fell. According to data published by Symantec and the Ponemon Institute, this figure was $5.5 million in 2011, which is 24% lower than in 2010. At the same time, the most catastrophic incidents that could distort the overall picture were excluded from the study.
In terms of value, the most significant category of losses remained "business losses." This included, for example, an increase in customer outflow and loss of reputation. However, losses of this kind themselves decreased by 34%. As it turned out, customers have become more restrained in responding to incidents, often forgiving negligent companies. Of course, their behavior strongly depends on the industry in which the affected organization operates and the type of compromised data. Incidents are most painful for financial sector and health care companies.
Malicious attacks cost 25% more than other types of threats.
39% of respondents believe that most often the employees of organizations themselves involuntarily become the cause of corporate information leaks, more precisely, their negligence in the performance of official duties. "The situation is further aggravated by the spread of tablets, smartphones and the cloud model of computing," said Francis deSouza, president of Symantec Enterprise Products and Services. The reason for the growing concern is understandable, because now employees have access to information at any time from anywhere.
The authors of the study consider the position of information security director to be the most effective means of reducing the cost of data leaks. Consolidating responsibility for what is happening throughout the company in one person makes it possible to reduce losses by 35%, or $80 per lost record. The involvement of third-party consultants in the investigation of incidents reduces unit losses by another $41. In addition, it is important to develop and implement policies and procedures that fully take into account current realities, in particular the growing consumerization of IT.
Unfortunately, there is still a negative trend: depending on the nature of the lost data and the method of transmission to third parties, compared to 2010, the unit cost of leaks increased by $22-37. The seventh Cost of Data Breach Study involved 49 American companies representing 14 different sectors of the economy.
Losses of Russian companies from data leaks exceeded $1 billion
The think tank of Zecurion presents the results of an annual study on leaks of confidential information. In total, 819 incidents were registered in 2011, and the total damage is estimated at more than $20 billion, of which more than $1 billion fell on Russian companies.
The largest number of incidents (45.2% of all cases) occurred due to errors or negligence of personnel and low awareness of information security among company employees. A high proportion of premeditation is characteristic of medical data leaks - this is explained by their demand among fraudsters: the price of one such record on the black market is 50 times higher than the cost of a social security number, according to ANSI. However, the number of medical data leaks remained approximately at the level of last year (19.1%).
The share of leaks of financial data of individuals increased significantly compared to last year and amounted to 18.2% in 2011. Other personal data still leads among types of compromised information, but their share continues to decline (56% versus 63.6% in 2010). Commercial and state secrets and intellectual property are much less likely to leak. Yet every incident like this tends to incur hefty financial losses and have serious reputational consequences.
Most often, information leaks from medical organizations (20.4%), state institutions (16.7%), educational institutions (15.2%) and retail enterprises (13.8%). At the same time, the most common leak channels are laptops and mobile drives (a total of 19.4%), web services (18.2%), computers (16.1%), as well as non-electronic media (13.8%). The latter remain a popular leak channel due to incorrect disposal: papers with confidential data are simply thrown into public garbage cans. Meanwhile, the introduction of safe disposal procedures will significantly reduce the risks of information leakage.
In Russia, 41 public incidents were registered, most of which were widely publicized in the media. Among the most high-profile are the leakage of SMS messages from the MegaFon mobile operator, the database of 1.6 million MTS subscribers, the publication of personal data on the website of the Russian Pension Fund, as well as the massive compromise of customer data from Russian online stores.
2010: Ponemon: US Average Incident Damage - $7.2M
According to the results of the sixth annual study of the Ponemon Institute, the U.S. Cost of a Data Breach Study, cases of data theft in 2010 cost American companies $214 per client record. At the same time, the average cost of the incident was then $7.2 million. In addition, the damage to the brand may have been more significant, although it is rather difficult to estimate these losses.
2008: Ponemon Institute: 70% of losses from internal information security violations
According to the Ponemon Institute, more than 70% of financial losses in 2008 were caused by information security violations within companies and the subsequent loss of confidential data.