Data breaches at a glance
of businesses rely on some form of digital communication or service
of businesses identified cyber security breaches or attacks in the last year
the average cost of a data breach for a medium-sized business
What are the biggest data breaches?
Number of compromised records
Why do data breaches happen?
Data breaches aren’t just the result of cyber attacks. There can be many other causes:
Weak and stolen credentials:
Many websites use off-the-shelf software, applications and plugins, which often contain vulnerabilities that can be exploited by criminal hackers.
Common website and web application security issues include potential for injection, privilege escalation and cross-site scripting.
Designed to disrupt and gain unauthorised access to a computer system, malware encompasses Trojans, social engineering, worms, viruses and spyware.
Human error accounted for 88% of incidents reported to the ICO in 2017/18.
How can data breaches be prevented?
Data breach prevention isn’t as simple as just installing antivirus software. Your ability to avoid a breach relies on three pillars: people, processes and technology.
Start with your staff:
Improving security training for employees is the best defence against cyber attacks. Find out how you can familiarise your staff with the basics of information security.
Implement basic cyber security measures:
Cyber Essentials is a framework that is suitable for small organisations and can help prevent up to 80 % of cyber attacks through the implementation of five basic controls.
Follow a proven information security framework:
Implementing an ISMS (information security management system) provides a systematic approach to protecting and managing your organisation’s information through effective risk management and is a more comprehensive approach to information security than Cyber Essentials.
Tighten up your technology:
All organisations should have the following technologies in place:
- Intrusion prevention
- Switched networks
- Malware/ virus protection
- Log file consolidation
- System monitoring
- Single sign-on
- Data leakage prevention
- Spam filtering
Assess your risks. Understand your weaknesses. Prepare your business.
Use our breach readiness checklist to find out whether you’re prepared for a data breach. You’ll receive a free personalised report on how #BreachReady you are, giving you a detailed summary of your answers and information and advice on the next steps to take.
How we can help you prepare for and respond to a data breach
GDPR notification requirements are complicated, but complying with them needn’t be. Our GDPR Data Breach Support Service will help you respond quickly and effectively to a data breach to meet the Regulation’s 72-hour notification requirement.
What makes us different
- We have an in-depth understanding of the GDPR’s requirements and how they can be met.
- We provide a complete compliance support service to help your organisation achieve GDPR compliance.
- Our specialist team has extensive data protection and information security management project expertise, both in the UK and internationally.
- We provide a total cyber resilience solution, comprising books, toolkits, software, consultancy, penetration testing, training and audits.
- We are the pioneer of ISO 27001, having led the world’s first successful implementation project.
- Our vast technical expertise, combined with extensive experience implementing frameworks and standards across a broad range of industries and countries, means we are unrivalled in our depth and breadth of services.
- We work with your organisation to tailor services that meet your budget and business objectives.
1Cyber Security Breaches Survey 2018