It's not that there are fewer data breaches lately – it's that they're not being disclosed. That's basically what Huntsman Security is saying, after it requested data about security errors and breaches through the Freedom of Information Act. Between April 2015 and March 2016, a total of 2,048 incidents were reported to the Information Commissioner’s Office (ICO).
This represents a jump of 88 per cent over the year before, when there were a total of 1,089 reported incidents.
“Unfortunately, this is not the full story. The average organisation is subject to multiple breaches, of which only some will be detected, so the figures reported to the ICO are likely to be understated,” said Peter Woollacott, CEO, Huntsman Security.
“The root of the problem is that organisations are under such an intense barrage of cyber activity that threat alerts, many of which turn out to be benign, are overwhelming cyber security teams. There is simply too much data to analyse and verify manually. Genuine threats require immediate attention but frequently the investigation of benign and even false alarms can waste a great deal of valuable time and resources. Verizon’s DBIR 2016 gave a clear illustration of this problem, revealing that whilst 84 per cent of attacks compromise their targets within days or less, under a quarter are detected within that timeframe.”
The financial sector was particularly 'concerning', the report suggests. In that sector, organisations reported less than six per cent of all incidents, but drew in 33 per cent of all ICO penalties.
“Quite simply, no news is bad news: if breaches aren’t being detected, it most likely just means that security analysts are having difficulty finding the needles in the haystack. To help them see through the noise generated by security alerts, organisations must find a way to automate threat verification and eliminate the wasted effort that results from false alarms,” Woollacott added.
“By using machine learning to identify otherwise ‘invisible’ threats, security analysts can easily identify those that really matter, and as a result, significantly reduce their time at risk from cyber threats. This in conjunction with automation and streamlining the incident management process means that organisations can put themselves, the ICO and the wider public at greater ease that our data is safe in their hands.”