backtop

Print E-mail del.icio.us 3 comment(s) - last by JediJeb.. on Jan 12 at 2:06 PM
A non-profit group showed data breaches rose sharply in 2008

A report published by the Identity Theft Resource Center (ITRC) estimates more than 35 million data records were illegally accessed during 2008.  The ITRC also believes the number of reported data breaches occurring in the United States increased almost 50 percent, and the number could be higher.

"Our sense is that two things are happening -- the criminal population is stealing more data from companies and that we are hearing more about the breaches," ITRC said in a statement.  "ITRC has been tracking breaches since 2001.  One thing we absolutely can say is that data breaches are not a new problem."

The group reported 656 reports of data breaches in 2008, which is up from 446 in 2007, where 35 million data records were breached.  Insider theft also doubled to account for almost 16 percent of the data breaches, with a third of the breaches caused by stolen laptops.

Along with theft or loss of laptops, hacking, accidental disclosure, employees improperly handling data, and issues with subcontractors also led to data theft.  To help try and reduce the amount of employee theft and negligence, many companies are beginning to crack down on the activities of their employees.

"We recently had a mid-sized institution in the U.S. that wanted to do a test of technology to help them monitor employee activities, and that ended up with two employees being arrested," Actimize chief marketing officer Amir Orad told the Washington Post.  "That's the type of outcome we did not see two years ago."  

Researchers were alarmed to find just 2.4 percent of all stolen information was encrypted, and only 8.5 percent had basic password protection.

The financial sector is the top industry at attempting to protect data, with financial institutions having only 78 major security breaches in 2008.

A copy of the report can be found here (PDF).

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Appropriate punishment
By s d on 1/10/2009 4:49:04 AM , Rating: 2
until such time as those who engage in malicious hacking or snooping are given appropriate punishment , such as life term incarceration, all information systems will never be safe ... just as Joe the Plummer




RE: Appropriate punishment
By hadifa on 1/11/2009 6:43:55 PM , Rating: 2
Fear of punishment has a deterrent effect but the Internet is wide open and spans over national boundaries. The attackers are organized better and have the advantage. Unless you commit something big, it will be expensive to trail you down and many institutes actually hide the fact that they had a breach because they see the disclosure as even more harmful.

As far as I can see, Either
1- Internet should change to make tracking and accountability and punishment a reality or
2- The systems should be overhauled and users very well educated.


RE: Appropriate punishment
By JediJeb on 1/12/2009 2:06:36 PM , Rating: 2
Another thing that should be done is that computers with sensitive data should not even be connected to the internet, or at least not without something along the lines of a VPN. So many places just hook up every computer they have to a single network that has a router connected to the internet. Sure it is simpler to impliment, but if the IT folks would put in a little effort and make separate networks for different types of uses it would help alot.

We used to have one server, which handled everything from client data, analytical results and accounting, and also was the internet firewall server. So glad those things have now been split out to separate servers and isolated from the general network that has internet access.


"If a man really wants to make a million dollars, the best way would be to start his own religion." -- Scientology founder L. Ron. Hubbard









botimage
Copyright 2010 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki