Retail industry leads the way in data breaches
The largest share of data breach incidents involved the retail industry, closely followed by food and beverages, according to a new report.
The 2017 Global Security Report from Trustwave shows that 22 percent of incidents involved the retail industry, followed by food and beverages at 20 percent.
Incidents involving point of sale (POS) systems also increased from 22 percent in 2015 to 31 percent in 2016. POS breaches are more common in North America, which has been slower than the rest of the world to roll out the EMV chip and PIN standard, suggesting that hackers are keen to exploit the weakest target.
"The statistics show that POS attacks have actually gone up," says Brian Hussey, VP of cyber threat detection and response, SpiderLabs at Trustwave. "You'd expect them to be going down as we're slowly rolling out EMV in the United States. The POS style attack is seen much less in places like Europe and Australia where EMV roll out is more widespread. What's interesting is that there are still the same amount of attackers, they know EMV is rolling out and are focused on targeting the remaining swipe systems because they know their victim pool is diminishing."
There is good news in that companies are detecting intrusions more quickly. The number of days from an intrusion to detection is down from 80.5 days to 49. Breaches are being contained faster too, with an average of 2.5 days from detection to containment.
"Companies are getting better at threat detection," adds Hussey. "More and more companies have expert resources to call on as they’re contracting out incident response and this has a big impact on bringing down malware's 'dwell time'. Threat hunting as an industry has really taken off, companies assume the attack is coming and many assume it’s already there, so they invest in protection and threat hunting."
There's further evidence of the commoditization of cyber crime too, with zero-day vulnerabilities changing hands for as much as $95,000. Yet the average cost of infecting 1,000 vulnerable systems -- via spam or malvertising -- is now only $5.
The full report with much more information is available to download from the Trustwave website.