Cyberattacks are becoming the number-one risk to businesses, brands, operations, and financials, according to the recent “SonicWall Cyber Threat Report” (March 2018). There were 9.32 billion malware attacks in total in 2017, representing an 18.4% increase over 2016.
On the other hand, Verizon's Data Breach Investigations Report (DBIR) shows that more than a quarter of the time, data breaches across the world originated from an organization’s “insiders.” But, the report notes, malicious employees aren’t the only insider threat you face. Errors were at the heart of almost one in five (17%) breaches.
Healthcare is particularly at risk, according to this report, and is the only industry where the threat from inside is greater than that from outside. Human error is a major contributor to those stats.
Meanwhile, the IBM/Ponemon “Cost of Data Breach Study” (June 2017) placed the average total cost of a data breach for the 419 companies participating in its research at $3.62 million, with the average cost per lost or stolen record at $141.
The new E.U. General Data Protection Regulation (GDPR), which went into effect in May 2018, defines specific guidelines on how E.U. residents’ personal data must be collected, stored, and safeguarded by companies around the world. It also promises to impose fines for failure to do so of up to 4% of worldwide revenue or 20 million euros, whichever is greater.
Sounding an ominous note, Gartner has predicted that by the end of 2018, more than 50% of companies affected by GDPR will not be in full compliance with its requirements.
As if that were not enough, the revised Markets in Financial Instruments Directive (MiFID II) went into effect at the beginning of 2018 in the EU, adding sweeping regulatory changes that will impact transaction reporting on all financial instruments traded in Europe and affect U.S. firms that do business with European counterparts or customers.
According to Bloomberg, “regulators want to be able to spot risks early and quickly reconstruct events when something suspicious happens, so MiFID II will force the investment community to keep tabs of almost everything.” This means that financial services organizations will need—among other things—the ability to track the provenance of information through their systems, and support on-demand audit and investigative requests for access to transactions, customer records, reports, and other records.
With the variety of regulatory mandates, potential fines for non-compliance, and the overall risk landscape for breaches heightening, now, more than ever, companies must take steps to have a comprehensive data management game plan and avoid one-off solutions to each new challenge that appears.
Fortunately, there are solutions and services available to address these complex data security and compliance issues in order to help organizations be prepared for today’s regulations and cyber threats as well as any new ones that may emerge down the road.
Best Data Security Solution
Oracle Audit Vault and Database Firewall
IBM InfoSphere Guardium
IDERA SQL Compliance Manager