New data shows despite decreases in global data breach levels (-5%) in 2021, the U.S. experienced proportionally more data breaches than in the previous year.
10% may not sound like much when you consider some of the headlines about increases in ransomware attacks and other cyberthreats – even right here on my blog. But when you look at the breakdown of who is being targeted, who is responsible, what’s being stolen, and more from The 2021 Year End Report: Data Breach QuickView from Flashpoint, you begin to see some trends and what aspects of your cybersecurity you may want to shore up.
According to the report:
- 21% of data breaches in 2021 involved ransomware
- Nearly 23 billion records were exposed
- 77% of breaches were external attacks, with 15% being internal
A wide range of data types were stolen. According to the report:
Source: Flashpoint
The five most targeted industries in 2021 were:
- Healthcare
- Finance and Insurance
- Public Administration
- Information
- Professional/Scientific
One last interesting bit from the report is that the top two exploits and services mentioned on dark web forums for sale were zero-day and phishing attacks. Thwarting zero-day attacks require significant monitoring of system and user activity, whereas phishing attacks require a layered security approach that includes Security Awareness Training to identify and stop malicious email content along its path – including those emails that get all the way to the Inbox.
