The number of data breaches that took place around the world in 2019 surpassed all previous years, with a total of 7,098 detected breaches. Although this represents only a marginal increase over the 7,035 breaches documented in 2018, the increase in the total number of records lost is staggering.
In 2019, over 15 billion records were lost compared to just over 5 billion in 2018, making for an almost 300% increase. So while the number of breaches occurring has remained relatively steady over the past few years, the average breach is rapidly exposing more and more sensitive data.
In the UK specifically, a recent study has revealed that 58% of Brits had been impacted by a data breach in 2019. Given that the average cost of a data breach in the UK has reached almost £3 million, the topics of data security and privacy are primary concerns of both the general public and the organizations who collect and process our data. When you consider how many different online accounts an individual may have created throughout their lifetime, such as email, social media, online banking, music platforms, retailers and food delivery accounts, the amount of critical information stored digitally has the potential to become a treasure trove for any hacker.
For example, it was found that users with BT email accounts suffered more from breaches compared to those that rely on Hotmail, Gmail or Yahoo accounts after researchers examined over 750,000 pieces of data. Additionally, UK residents were more at risk and have encountered more cybersecurity problems compared to their Canadian, New Zealand and European counterparts.
Being a victim of a data breach can cause major trauma and disruption, particularly as cybercriminals can leverage personal data to commit fraud, sell across the dark web or hold the victim to ransom. Consumers and businesses must understand the importance of data security and privacy. The formation of regulations like the European General Data Protection Regulation (GDPR) has laid the foundation for businesses to protect personally identifiable information (PII) and given consumers the control over how their data is handled.
However, there also needs to be an element of proactiveness and security awareness from consumers. Those that show an apathy to security will surely be caught out. Thankfully, the signs are promising as researchers analysed 1,200 users to compare their Cyber Security Scores to ascertain their collective understanding of security and found it has significantly risen by 26 percent over the past 12 months. This suggests that UK consumers are taking the necessary steps to stay protected online. The most important thing is to spread cybersecurity awareness and act on the teachings. This is equally true for employees of a company as it is for us as private individuals.
For enterprises, the most important way to reduce the risks associated with breaches is to protect the data itself, while making it useless for attackers. The data-centric security concept of using tokens instead of plain text data allows you to protect data at the earliest possible point in its lifecycle and de-protect it only when absolutely necessary, meaning no matter how the data is stored, moved or even lost, it will always remain protected. And above all, protected data will be worthless to cybercriminals.