If you felt like data breaches were in the news a lot in 2012, you weren’t imagining things: a report from Risk Based Security released last month shows that the data breach total for 2012 (2,644 incidents) marked a 117% increase from the 2011 total.
Here’s a look at the notable findings of the report and what those findings say about your need for data breach insurance.
More Data Breaches, Fewer Records Exposed?
Of note in the report is that, while the number of data breach incidents is up significantly from 2011, the number of records exposed is down: from 412 million in 2011 to 267 million last year.
This change could be explained in a number of ways:
- The number from 2012 might be artificially low due to incomplete reporting. Of the data breaches recorded for 2012, 20 percent did not include a count of how many records were affected. Still, if reporting was similar in 2011, the drop might reflect an actual decrease.
- The 2012 total could be lower because of who’s being targeted. Another potential explanation behind the decrease is that data breaches are occurring with more frequency to businesses and other entities that have access to fewer records. In other words, hackers could be shifting their focus to smaller firms, which tend to have fewer cyber security protections in place. While the data yield might be lower on a per-incident basis, the act of hacking into such systems is likely easier.
- The 2012 decrease could be thanks to better protection. On a bright note, the decrease in exposed records last year could be because more business owners have implemented systems for protecting and segmenting customer information so that it’s harder to get to in the event of a data breach.
Unfortunately, research regarding business data protection practices suggests that better protection is not the reason for the decline.
Will Data Breach Insurance Help Small Businesses?
So how do you know whether or not to buy Data Breach Insurance? First of all, evaluate your company’s risks. In 2012, data breaches were caused primarily by…
- Third-party incidents (7.3%).
- Insider activity (19.5%), including malicious activity by insiders (7.1% of incidents) and insider errors (8.9%).
While Data Breach Insurance (also called Cyber Liability Insurance) might protect you if and when you’re hurt by hackers, you may also require Errors & Omissions Insurance to protect you from incidents caused by mistakes made by members of your team.
Writtten by Brenna Lemieux - check her out at Google+ or Twitter