Breach, Compliance Management, Data Security, Malware, Network Security, Privacy, Ransomware

Report: Number of cyber incidents doubled in 2017, yet 93 percent could easily have been prevented

Out of nearly 160,000 reported cyber incidents affecting businesses in 2017, 93 percent could have been prevented by following basic security measures such as regularly updating software, blocking fake email messages, using email authentication, and training employees, a new report claims.

The overall number of reported incidents nearly doubled 2016's total of 82,000 incidents, according to the Online Trust Alliance (OTA), an Internet Society initiative, which released its 2017 Cyber Incident & Breach Trend Report on Jan. 25, in advance of Data Privacy Day. For the purposes of its research, OTA defines an incident as any unauthorized action resulting in system or device access, data extraction or manipulation, business disruption, or financial/reputational harm.

Basing its findings on threat intelligence data gleaned from various sources, OTA reports that the majority of data breaches, 52 percent, were reportedly the result of actual malicious hacking. The next most common causes included an absence of proper security software (15 percent), credit card skimming (11 percent), a lack of internal controls (11 percent), and phishing attacks (eight percent).

OTA also found that there were 134,000 ransomware attacks on businesses in 2017, compared to roughly half that amount in 2016.

“Regular patching has always been a best practice and neglecting it is a known cause of many breaches, but this received special attention in 2017 in light of the Equifax breach,” said Jeff Wilbur, director of the OTA initiative at the Internet Society, in a press release. “In 2018 we expect patches to play an even more integral role due to the recently discovered Spectre and Meltdown vulnerabilities where nearly every computer chip manufactured in the last 20 years was found to contain fundamental security flaws.”

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.