Cybercriminals are always looking for new opportunities to exploit. This was never more apparent than in 2020 when hackers launched a record number of attacks on a host of organizations in the public and private sectors. Even education and healthcare sectors weren’t spared, with the U.S. Department of Health and Human Services (HHS) reporting over 536 breaches of unsecured protected health information during the year, in the U.S. alone.
Here are some additional key statistics from data breaches in 2020.
The continued threat of ransomware
According to the Cost of a Data Breach Report 2020, published by the IBM and the Ponemon Institute, malicious outsiders were responsible for 52% of all data breaches in 2020. Among these attacks, ransomware attacks topped the charts as cybercriminals used data theft, creating somewhat of a secondary market for extortion.
The report also analyzed the cost of breaches based on different categories of attacks. Results found that the average cost of a malware breach was $4.52 million, while a ransomware breach amounted to $4.44 million on average (all figures U.S.).
New challenges with COVID-19
With more than two-thirds of organizations adopting the work-from-home model due the COVID-19 pandemic, there was a surge in cyberattacks as criminals rushed to exploit the gaps in cybersecurity measures that left thousands of small, medium, and large organizations vulnerable to security risks.
Anxiety permeating the public sphere further intensified with the wave of spam email campaigns, ransomware messages, phishing attempts, and social engineering techniques. These scams took advantage of the fear of the unknown, and the scarcity of everything from toilet paper to PPEs.
Lack of cybersecurity training
With a rise in COVID-19 phishing and scams, 23% of data breaches in 2020 were caused by human error. For purposes of comparison, socially-engineered and targeted attacks accounted for 17% of data breach cases in the year. As more sensitive data leaves secure devices and company networks during the work-from-home era, gaps in cybersecurity awareness and training became more damaging than ever.
Lessons learned
Whether you suffered an attack or a breach in 2020, or you are concerned about your exposure in the future, ISA Cybersecurity can help. We have learned the lessons from a difficult year, and combined that with our 30 years of experience in providing cybersecurity services in Canada and around the world. At ISA Cybersecurity, we provide managed security services solutions, cybersecurity management services, and security consulting services that can be customized to meet the needs of your organization.
Don’t become a statistic in 2021 – contact us to learn more about how we deliver cybersecurity services and people you can trust.