In light of the recent WannaCry ransomware attack, it is important to consider how information governance can help an organization prepare for a ransomware attack.
There were 1,792 data breaches in 2016, which led to almost 1.4 billion data records being exposed worldwide, according to the Breach Level Index (BLI) report from Gemalto. This is up nearly 300% from 2015.
As we have discussed in a previous blog post about Sony, the consequences of a data breach reach beyond the initial loss of data. The latest company to experience this is Arby's.
The moment that we all dread can unfortunately happen at any time in today's work environment: You are sitting at your computer when suddenly, you are alerted that there has been a data breach or that your files are being held ransom.
This study also included business associates which are organizations that perform services for an entity that handle protected health information (PHI). This is an important note as the more connected businesses become, the more potential that exists for a breach, even if that happens outside the healthcare organization. The Ponemon institute, which conducted the study, estimates that the average cost per breach is $2.2 million.
When it comes to cybersecurity and regulatory compliance, several factors come into play. First and foremost, the human element is important to consider. Basic best practices such as strong and continually changing passwords and ensuring the security of your wireless networks are essential. Also, creating an overall regulatory compliance plan that is understood by all parties.
Data breaches are so common now it hardly breaks through the 24 hour news cycle. Banks, social media sites, law offices and even small, private businesses have all been victims. Overall, the total average cost of data breaches paid by organizations was $6.5 million.
Earlier this month, China admitted for the first time publicly that the data privacy breach of the U.S. Office of Personnel Management's computer systems was the work of Chinese hackers. However, China insisted that these attacks were the work of criminals, not a state-sponsored attack. There has been no information released about any identifying details of these criminals.