An IT security company has launched a website that catalogues data breaches at they happen, and provides a methodology for security professionals to score the severity of breaches and see where they rank among publicly disclosed breaches. With 1,699,821 UK data records lost or stolen in 2013, the SafeNet Breach Level Index (BLI) provides a database of breaches and calculates the severity of data breaches across multiple dimensions based on breach disclosure information.
The firm adds that CIOs and CSOs can use the website to classify the severity of a breach within their companies when communicating level of urgency with affected customers or partners. The resulting data can also be used in their own risk assessment and planning.
Jason Hart, VP of Cloud Solutions, SafeNet, said: “Not all breaches are created or should be treated alike. The Breach Level Index helps us track and differentiate between an insecure breach, in which customer data is compromised and lost, and a secure breach, where data is stolen but cannot be deciphered by cybercriminals because it is encrypted, rendering it useless to them. Based on several factors, the Breach Level Index will assign a numerical score to indicate the severity of a given breach, and that number will be significantly lower if the organisation in question has successfully limited itself to a secure breach and maintained the integrity of its confidential data.”
Highlights
The Breach Level Index provides details into hundreds of individual data breaches across the globe that can be sorted by breach type and affected industries. For 2013, in which more than 1,000 data breaches and 575 million data records lost or stolen, 44 per cent of data breaches did not even disclose how many data records were exposed. Highlights from last year include:
By Breach Type:
o Malicious outsiders: 57 per cent of data breaches
o Accidental loss: 27 per cent of data breaches
o Malicious insiders: 13 per cent of data breaches
o Hacktivists: 2 per cent of data breaches
o State-sponsored activity: <1 per cent of data breaches By Industry Type o Healthcare § 31 per cent of data breaches and 2 per cent of data records lost or stolen § Average records lost per breach: 49,000 o Government § 17 per cent of data breaches and 10 per cent of data records lost or stolen § Average records lost per breach: 630,000 o Financial § 15 per cent of data breaches and 1 per cent of data records lost or stolen § Average records lost per breach: 112,000 o Retail § 8 per cent of data breaches and 29 per cent of data records lost or stolen § Average records lost per breach: 6.6 million Technology § 11 per cent of breaches and 43 per cent of data records lost or stolen § Average records lost per breach: 5.7 million Other industry sectors § 23 per cent of breaches and 13 per cent of data records lost or stolen § Average records lost per breach: 619,000 By Time: 1,576,555 data records lost or stolen every day 65,690 data records lost or stolen every hour 1,094 data records lost or stolen every minute 18 data records lost or stolen every second
