Over the past year, the number of data breaches from either malware or hacking have risen substantially according to London-based Beazley.
Another target of hackers is the financial services industry, which saw a slight increase in 2015, up to 27% vs. 23% in 2014. Beazley’s data shows that Trojan programs were a frequent mode of access.
The weakest link for most businesses and institutions continues to be their employees. However, companies can take steps to protect their data including:
- Training employees on the importance of protecting personally identifiable information and protected health information and how to avoid phishing attacks that might be used to access that data.
- Creating an incident response plan and testing it to identify vulnerabilities in the system. Plans need to be developed and practiced ahead of time from the initial intrusion to who will be notified and how the forensic investigation will be conducted.
- Beazley recommends categorizing data risks by threat level, since over-reacting to a breach can be as harmful as under-reacting. Different breach events will require a tailored response to that threat.
- Taking a careful look at supplier contracts for any companies that handle or have access to your customers’ data. It should be protected by anyone with access and your company could still be liable if there is a data breach.