Washington focuses on cybersecurity
Rep. Marsha Blackburn (R-Tenn.) introduced cybersecurity legislation. The Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology (SECURE IT) Act of 2013 that she put in the hopper on April 10 is aimed at "better protecting America from the threat of cyber attacks," she says.
"Instead of playing politics and pushing top-down mandates on the victims of cyber attacks, I'm focused on creating a consensus approach that balances the interests of American citizens and businesses while holding the federal government more accountable,"
Blackburn said in a news release.
The bill includes five main components: allowing the government and the private sector to address cyber threat information in a more transparent fashion; reforming how our government manages its own information systems; creating new deterrents for cyber criminals; prioritizing research and development for cybersecurity initiatives; and streamlining consumers' ability to be notified when they are at risk of identity theft or financial harm.
On April 23, Verizon issued its 2013 Data Breach Report, which includes 621 confirmed data breaches, as well as more than 47,000 reported security incidents.
According to Verizon, over the entire nine-year range of the study, the tally now exceeds 2,500 data breaches and 1.2 billion compromised records. Verizon is joined by 18 organizations from around the world in contributing data and analysis to this year's report.
"The bottom line is that unfortunately, no organization is immune to a data breach in this day and age," said Wade Baker, principal author of the Data Breach Investigations Report series. "We have the tools today to combat cybercrime, but it's really all about selecting the right ones and using them in the right way.
"In other words, understand your adversary - know their motives and methods, and prepare your defenses accordingly and always keep your guard up," Baker said.
According to the report, external attacks remain largely responsible for data breaches, with 92 percent of them attributable to outsiders and 14 percent committed by insiders. This category includes organized crime, activist groups, former employees, lone hackers and even organizations sponsored by foreign governments.
As in Verizon's prior year's report, business partners were responsible for about one percent of data breaches.
"A lot of the breaches we find in healthcare are similar to retail breaches," says Suzanne Widup, Verizon's senior analyst. "If you look at some of the publicly disclosed [healthcare] breaches, a lot of them are on laptops."
"You really need to know where your data is," she advises. "The more complex your environment, the more ways your data can exit. Can a disgruntled employee walk off with your database on a usb drive? Look at your data from the perspective of someone trying to get your data; how easy is that?"