If you’re looking for the culprit in the company data breach, it might be time to pull up a mirror.
Cloud solutions manager Intermedia says it’s none other than employees who are the reason for hacks. Almost all — 99 percent — admitted to committing dangerous actions, even when they didn’t think they were dangerous.
Intermedia’s latest Data Vulnerability Report surveys 1,000 office workers, going over the habits of employees. They found that 96 percent of workers auto-save their passwords on their work computer instead of entering the information manually.
Another 24 percent use the same passwords for work and personal accounts. More than one-third of workers say they store work-related information on personal services or devices, like in the cloud or on phones. This is nearly triple from 2015’s survey.
“While employees may find these practices to be more convenient, they leave their organizations and networks more susceptible to cyber attacks,” Intermedia says. “It’s clear that there is a great deal of education, as well as sweeping changes to habits, policies, and procedures, that must take place.”
Risks are high even after employees are long gone: 34 percent of workers admit they have tapped into materials after leaving a company. It’s even higher among IT workers, where 49 percent have done so.
In this roundup, we go over a slew of data breaches and cybersecurity risks from companies that have experienced hacks to people who simply won’t change their habits to avoid getting scammed.
If your job hasn’t been hacked, it’s going to be
You might be feeling pretty good about your company if they haven’t had a data breach yet, but don’t get too comfortable. It’s only a matter of time before it happens to you.
A survey from Hartford Steam Boiler (HSB) and consulting firm Munich Re discovered that almost one-third of business in the United States had a data breach within the last year. Eighty percent of them spent thousands of dollars responding to them — 30 percent of those spent more than $50,000.
In almost half of all breaches, it was a vendor or contractor for the company that caused the damages (47 percent). Two-thirds say their company reputations were hit hard by the breach.
“Almost all of our personal and business data can be accessible on the Internet through online business connections, websites and social media,” says Timothy Zeilman, vice president for HSB. “And that exposes our private information to attacks from hackers and cyber thieves.”
The biggest problem companies fast is post-breach, when 51 percent of companies said lack of knowledge on how to handle attacks and prevent it from happening again. Another 41 percent say a lack of resources is holding them back from taking preventative measures.
No one is safe — not even doctors
When it comes to immunity, you’d think doctors would know all about it, right?
Not when it comes to data breaches. A new study from solutions company Accenture and the American Medical Association found that 83 percent of physicians have had some form of cybersecurity attack. Nearly 3 in 4 are worried future attacks will limit their practices and compromise patient records. More than half are concerned with the possibility of a breach affecting patient safety.
The problem lies in the very helpful area of having patient information and records online. Most doctors think it’s important to have information shared virtually, but want there to be a safe and secure way of providing this to their patients.
“New research shows that most physicians think that securely exchanging electronic data is important to improve health care,” says AMA President Dr. David Barbe. “More support from the government, technology and medical sectors would help physicians with a proactive cybersecurity defense to better ensure the availability, confidentially and integrity of health care data.”
Doctors aren’t alone in health breaches
Physicians may be hoping for better security when it comes to avoiding a cyber attack, but health care providers aren’t taking potential breaches seriously.
Black Book says 80 percent of health care provider organizations don’t have a plan in place for a potential security breach. More than half — 54 percent — don’t regularly check their potential risks, leaving them open for threats constantly.
The big surprise, however, is that the people leading these health care organizations don’t care about potential threats. Black Book says 92 percent of officers in these companies don’t believe cybersecurity is a big deal, so it doesn’t come up with boards of directors.
“Cybersecurity has to be a top-down strategic initiative as it’s far too difficult for IT security teams to achieve their goals without the board leading the charge,” says Doug Brown, managing partner of Black Book. “The critical role of medical facilities, combined with poor security practices and lack of resources, make them vulnerable to financially and politically motivated attacks.”
As medical facilities and payers continue to be preyed upon, our health care data is more at risk than ever.
Your face is going to get you hacked
Even though artificial intelligence can be helpful — like asking Siri what the weather is like or getting personalized movie recommendations from Netflix — it can be harmful, too.
Security solutions company Webroot says 87 percent of cybersecurity pros are using AI in their fight against breaches, and even more — 99 percent — believe AI could improve their cybersecurity. But 91 percent of professionals believe hackers could use artificial intelligence against them.
“There is no doubt about AI being the future of security as the sheer volume of threats is becoming very difficult to track by humans alone,” says Hal Lonas, chief technology officer of Webroot. “AI is here to stay and it will have a large impact on security strategies moving forward.”
Webroot says even as technology continues to develop faster than ever, nothing can replace a human. Experts are needed to oversee machines to avoid allowing cyber threats to come through.
“Cybercriminals are beginning to use AI and machine learning to develop even more advanced threats,” Webroot says. “As they continue to innovate, it takes more creativity to stay ahead of them. Let the machines solve the simpler problems, so human experts have more time to think of new ways to solve problems and identify threats.”
If not your face, your actions
We don’t need artificial intelligence to lead us to a data breach when human errors are doing just fine in that regard.
Online security software company Netsparker says 80 percent of Americans have admitted to doing things that put themselves at risk of being hacked, like using public Wi-Fi and clicking on unknown links.
The survey says unsecured Wi-Fi networks were the most popular way Americans are putting themselves at risk (40 percent), while clicking on unfamiliar links on social media was second (35 percent). Another third say they download files from unknown sources and the same amount open email attachments from people and places they don’t know. People are still doing this even though 57 percent of Americans would be upset if their emails were hacked.
Some potential hacks could come out of sheer laziness: 34 percent of respondents say they use the same passwords for all their logins and 33 percent are using weak ones. The majority of them — 58 percent — have less than four passwords across all of their online logins.
Even getting hacked won’t stop us from irresponsibly using technology. Only 21 percent would remove an Internet of Things device (like smart home devices) from our homes. One in 4 don’t know that those devices have to be updated, just like computers or phones — which help lessen the likelihood of breaches.