U.S. Top-Ranked Globally in 2016 Data Breaches, Finds Report

Posted on January 26, 2017
FTC Says Identity Theft Victims Don't Always Need a Police Report
The United States takes the number one spot worldwide in data breaches disclosed last year, revealed a new report analyzing breach activity in 2016. Risk Based Security’s annual report released on Wednesday found that the U.S. accounted for nearly half – 47.5 percent – of all incidents, and a whopping 68.2 percent of all exposed records. Close to 2,000 breaches came from the United States last year – almost tenfold the total breaches that originated from the United Kingdom, which ranked number two with just 204 incidents.
Screen-Shot-2017-01-25-at-11.41.28-AM.png
Source: Risk Based Security Furthermore, the report noted that from these U.S. breaches, a staggering 2.91 billion records were exposed, the majority due to the high-profile hacks at Yahoo, FriendFinder and MySpace. Russia ranked second in the most records exposed, with a significantly lower 259 million.
Screen-Shot-2017-01-25-at-11.44.11-AM.png
Source: Risk Based Security It’s important to note that the U.S. is one of the the largest economies in the world, so it's not entirely surprising that the country would experience proportionally more data breaches simply because there’s more data to be breached. Nonetheless, as Tripwire Director of IT Security and Risk Strategy Tim Erlin explains, there may be more to it than the United States’ leading economy.
“Breaches in the U.S. surpassed other large economic players by far, meaning this likely isn't just about proportional opportunity for incidents. For example, China and the Russian Federation – also among the world's top economies – had significantly fewer reported breaches. However, they also have very few disclosure laws," said Erlin.
Meanwhile, Tripwire Chief Technology Office Dwayne Melancon believes many organizations are implementing insufficient, "quick fixes" for information security. "Organizations proactively protecting and defending against breaches can benefit most by focusing on implementing foundational controls," said Melancon. "This includes knowing what is on the network and how it's changing; how IT assets relate to the business; implementing a solid process to ensure systems and applications are configured securely; understanding and managing vulnerabilities; as well as implementing a continuous diagnostic and monitoring process to keep the business safe," he added. Until organizations adopt these fundamental security controls, the U.S. will remain at the top of the breach leaderboard, warned Melancon.
Join over 20,000 IT security pros who get our top stories delivered to their inbox every week!