Nearly all breaches are preventable, study shows

News by Ava Fedorov

Last week the Online Trust Alliance (OTA) released its 2015 Data Protection Best Practices and Risk Assessment Guides, which also analysed data breaches and incidents throughout the first half of 2014.  

According to the results, a whopping 90 percent of breaches were the due to firms lacking
cyber-security strategies and risk assessment. In other words, almost all the breaches that occurred during this time period were preventable.

Such a stark conclusion demands further insight, and OTA cites a lack of internal controls, lost or stolen devices and documents, social engineering and fraud comprising nearly one third of all breaches. Almost as many incidents were caused internally, by employees acting either in ignorance or maliciously.

As part of their Risk Assessment Guide, OTA addresses the questions that IT decision makers must be asking in order to identify and mitigate preventable incidents from occurring.  "Businesses are overwhelmed with the increasing risks and threats, yet all too often fail to adopt security basics,” Craig Spiezle, executive director and president of OTA, told online news sources.

Implementing best cyber-security practices combined with controls and cross checks, Spiezle continued, “can help prevent, detect, contain and re-mediate data breaches."


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews