The Year 2015 In Data Breach: What Happened And How

A review of serious data breaches and vulnerabilities, from IBM security services, based on an analysis of its own client base. The actual number of what the authors of this study call “security events” declined significantly, as did “security attacks.” But there was an increase in the more significant category of “security incident,” which is defined as a probe deemed worthy of intense investigation. The average number of these at the companies analyzed was more than three per week. The industry most frequently attacked was healthcare, while financial services, which had that dubious honor in 2014, dropped to number three. Manufacturing, government services and transportation also moved up on the list of target industries. Overall, “insiders” were responsible for 60 percent of attacks, certainly an alarming finding, although about a third of those were considered “inadvertent actors.” The percentage of inadvertent actor incidents decreased somewhat from the previous year, a finding the authors say could be the result of better employee training.