In This Issue

 

Data Breaches Increasing at a Record Pace

A recent report highlights the increasing threat of data breaches and the sectors that are most vulnerable.

 

Hollywood Hacked

Hollywood is especially vulnerable to cyber attacks, as proven by a recent HBO hack.

 

Accidental Employee Breaches on the Rise

The number of security breaches caused by employee error is almost as high as those caused by cyber criminals.

 

2017 Cost of Data Breach Study

Read about a few key takeaways from the 2017 Cost of Data Breach Study.

 

 

Data Breaches Increasing at a Record Pace

According to a recent report from the Identity Theft Resource Center and CyberScout, 791 data breaches were reported during the first half of 2017 in the United States alone, marking a 29 percent jump from the same period in 2016. The increasing rate of cyber breaches indicates that many companies are still failing to take cyber security seriously.

 

Most Vulnerable Sectors

The report organized the data breaches into five sectors: banking, health care, government, education and business. At 54.7 percent, the business sector experienced the highest percentage of total breaches reported. Coming in second was the health care industry at 30.7 percent. Third was the education sector at 11.3 percent, with financial and government trailing at 5.8 and 5.6 percent respectively.

 

The Real Numbers

The 791 breaches reported included at least 12 million records, which contained credit card numbers, medical files and Social Security numbers. However, the actual amount of records exposed could be much higher, since most industries aren’t required to share the type of information stolen and number of records compromised. In fact, 67 percent of all the breaches omitted such details, marking another record high.

 

Cost of a Breach

Not only is the number of data breaches at a record high, but so is the average cost of a breach—up 5 percent from last year at $7.35 million. What’s more is that since data breaches are so common, only a small portion make the news, so many businesses fail to realize the threats they’re exposed to until they find themselves victimized.
Be proactive, and contact S.S. Nesbitt & Co., Inc. to ensure you have the proper coverage to protect your company against losses from data breaches.

 

Accidental Employee Breaches on the Rise

When it comes to cyber security, ransomware attacks have made the most news this year. However, an almost equal threat comes from within an organization. Accidental breaches caused by employee error and third-party suppliers accounted for 30 percent of all breaches during the first half of 2017, according to a new report from Beazley. Breaches that resulted from hacking and malware attacks led by only 2 percent, accounting for 32 percent of all breaches.

The highest rates of employee security breaches were in the financial and health care sectors. Almost one-third of financial data breaches involved unintended disclosure—employees sending personal banking details to the wrong recipient. Unintended disclosure also accounted for 42 percent of health care breaches.

 

2017 Cost of Data Breach Study

The following are key takeaways from the 2017 Cost of Data Breach Study:

  • Although the overall cost of a data breach decreased from $4 million to $3.62 million globally since last year, the United States saw a 5 percent increase at $7.35 million.
  • Having an incident response team reduced the cost of a data breach by nearly $1 million.
  • Health care is the most costly industry for data breaches, costing organizations $380 per compromised record.

 

Cyber Insurance Volume Up 35 Percent

According to Fitch Ratings, the direct written volume for cyber insurance in the property and casualty industry increased to $1.35 billion, up 35 percent. The agency credited the increase to frequent reports of computer hacks and high-profile ransomware attacks. Future cyber growth will be dependent upon more consistent policy terms and conditions, a better understanding of coverage and increased efforts to comply with cyber regulatory standards.

 

Hollywood Hacked Again

Since the 2014 hacking at Sony Pictures, more recent events have shed light on Hollywood’s cyber security exposures. The latest involved the hacking of HBO’s social media accounts and the leak of an unreleased episode of “Game of Thrones.” In separate incidents, hackers also stole episodes of the network’s “Curb Your Enthusiasm,” “Insecure” and “Ballers.”

Although every type of business is vulnerable to cyber crime, Hollywood faces unique challenges due to the amount of post-production freelancers hired for things like special effects and music. In the case of HBO, employees are required to have security-awareness training and two-factor identity authentication. However, the company has no control over freelancers that handle sensitive information via their personal devices. That leaves cyber security in control of their third-party vendors, which creates a significant risk.

The costs incurred from of a Hollywood hack are significant. A movie loses an average of 19 percent of its box-office revenue if it is stolen and made available online before it is released in theaters. Furthermore, if people can watch movies and shows for free, they’re less likely to pay for a subscription to HBO or Netflix.

Although the FBI advises against paying ransom to hackers, Hollywood can lose millions of dollars if a popular show or movie is stolen, forcing them to make a difficult decision. Paying the ransom may be less costly than losing millions of dollars in revenue. However, there is no guarantee that paying the ransom will prevent the content from being leaked. When Larson Studios paid about $50,000 in bitcoin to prevent the leak of unreleased episodes of “Orange Is the New Black,” the hacker took the bitcoin and leaked the stolen episodes anyway.

Although hackers stole an HBO executive’s emails, they have not breached the company’s entire email system. It is still uncertain as to how its computer system was hacked.

Four people—current and former employees of a Mumbai-based company that stores the series for an online streaming service—have been arrested for the “Game of Thrones” leak. The compromised Facebook and Twitter accounts were unrelated and perpetrated by a group called OurMine. HBO rectified the situation quickly, removing the social media posts within an hour.

 

Click Here for More Articles 


This content was abstracted from Zywave’s “Cyber Risks + Liabilities” newsletter.