by Brian Thompson | Jul 30, 2019 | Breach
In the recently released 2019 Verizon Data Breach Investigations Report (DBIR), Verizon found that 43% of breaches affect small businesses and that a third (32%) of breaches involved phishing, a form of social engineering.
Verizon built this report upon the analysis of 41,686 security incidents and 2,013 confirmed data breaches, the Verizon DBIR digs into the overall threat landscape, the actors, actions, and assets that are present in breaches.
The 2019 Verizon Data Breach Investigations Report (DBIR) Key Takeaways (please see here) highlights 12 key takeaways including:
- Financial gain remains the most common motivate behind data breaches (71%)
- 43% of breaches affect small businesses
A third (32%) of breaches involved phishing- The nation-state threat is increasing, with 23% of breaches by nation-state actors
- More than half (56%) of data breaches took months or longer to discover
- Ransomware remains a major threat and is the second most common type of malware reported
- Criminals increasingly target Business Executives with social engineering attacks.
- Crypto-mining malware accounts for less than 5% of data breaches, despite the publicity it didn’t make the top ten malware listed in the report
- Espionage is a key motivation behind a quarter of data breaches
- 60 million records breached due to misconfigured cloud service buckets
- Continued reduction in payment card point of sale breaches
- The hacktivist threat remains low, the increase in the DBIR 2012 report appears to be a one-off spike
An interesting takeaway:
Cyber attackers target the network, where executives are “six times more likely to be a target of social engineering than they were only a year ago; and, C-level executives are 12 times more likely to be the target.”
This means that Business Email Compromises (BEC) are proving successful for ID theft criminals and cyber thieves.
Verizon stated that BEC breaches represented 248 (18%) confirmed breaches out of the 2,013 confirmed data breaches. In addition, Risk-Based Security recently announced the release of its Q1 2019 Data Breach QuickView Report highlighting how over 1,900 data breach events — exposing over 1.9 billion records — were reported in the first three months on 2019.
According to Risk Based Security, “no other first quarter has seen this level of activity, putting 2019 on pace to be yet another ‘worst year on record’ for the number of publicly reported breaches.”
The report found “that 67.6% of records compromised in Q1 were due to exposure of sensitive data on the Internet.”
If you are a small business, considering Identity Theft Protection as an Employee Benefit or a breach readiness and response program is worth considering!
by Brian Thompson | Jul 30, 2019 | Identity Theft
Employers often ask, “Why should I provide identity theft protection as an employee benefit?”. Let’s face it, we increasingly live our lives online. If it’s banking, social media, or buying products and services we constantly expose ourselves to potential fraud.
With that, employees are more aware of the issue either through personal experience or the frequent breaches in the headlines. But again, why should you add Identity Theft Protection as an employee benefit? After all, they can just go get it on their own, right…yes
But employees expect their employer to help them with their financial wellness. Employees expect financial vehicles such as 401k plans, disability insurance, medical insurance, life insurance, and student debt programs. And now, increasingly looking to employers for programs to protect them against the detrimental effects of Identity Theft.
If you have not considered Identity Theft Protection, here are the top reasons why you should consider it.
- It is a huge problem! The enormous number of breaches can not be overlooked. Employees are aware and understand that they are at greater risk now than ever before. Identity Theft is the fastest growing crime in the United States according to the Federal Trade Commission (FTC) but so few people know what to do about it. The right Identity Theft Protection program mitigates the risks and gives employees a place to turn when fraud does happen.
- Productivity. Peace of mind is prerequisite to focus. Identity Theft is a huge distraction, one that interrupts focus and will negatively impact your
employee and your business. Employee’s dealing with identity theft are worried about financial security. An employee will spend anywhere from 40-60 hours during work on recovering their identity according to the FTC. Employees covered with an effective Identity Theft Protection program, a dedicated Recovery Advocate is assigned to the case. The recovery advocate will work on the employee’s behalf, ensuring resolution and alleviating time spent away from work. Peace of mind with a place to turn, keeping your employees focused and productive.
- Return On Investment. What is the cost of 7% of your employee group being out for 40-60 hours? The Return On Investment with a program is significant. Presenteeism, absenteeism, and lack of focus all result in a loss to the company. A program done with the right provider can significantly decrease the cost of a program, increasing your ROI.
- Protect the Company. Most breaches are a result of social engineering. Social Engineering is the use of deception to manipulate employees into divulging confidential or personal information for fraudulent purposes. Employee personal data exposure can give bad actors easy access to the company network. Identity theft protection programs can mitigate the risks of exposure by helping to identify and react rapidly when an employee has their identity stolen. Providers also provide educational awareness around the dangers of social engineering, password management, and other threats to decrease their susceptibility to threats.
- Attract and Retain by Staying Relevant. Employers are constantly competing with salary and benefits. In a world constantly peppered with cyberattacks, Identity Theft Protection is in high demand and more relevant than ever before.
- Attracting Talent is top of mind for many companies. Unique, personalized benefits packages that address the core benefits of financial wellness are staples to the package. Identity Theft Protection, often considered an ancillary benefit may be the benefit that puts you ahead of the competition.
- Retaining employees should be a driving factor in your benefits portfolio. Yes, attracting new talent might be the goal…but keeping the talent you have is a must. Continued engagement and value through Identity Theft Protection will help.
An Identity Theft Protection as an employee benefit is worth serious consideration. It will contribute to workplace productivity, allowing employees to stay focused on their job instead of the fears of identity theft. The risks of identity theft are real, affecting millions of employees and companies but a great provider can help.
Click here for or more information on What Identity Theft Protection Companies Actually Do
or here for the 14 Features of an Identity Theft Protection Company and the Most Important One!
