During 2016, our BakerHostetler privacy and data protection team worked on data security incidents across virtually all industries. For the second year in a row, phishing/hacking/malware attacks have accounted for the largest percentage of incidents handled by our team. Specifically, security incidents arising from phishing/hacking/malware made up 43 percent of all security incidents we handled last year – a 12 percent jump from 2015 – with ransomware attacks (i.e., events where malware prevents or limits users from accessing their system until a ransom is paid) accounting for nearly a quarter of such incidents.
With the adoption of new technologies, the collection and use of larger amounts of data, and the increasing sophistication of cyber-attackers, the risk landscape for companies drastically changes from year to year. Last year saw the first security incident to affect more than 1 billion accounts, as well as a reported increase of more than 500 percent in ransomware attacks. While investing in network security and breach detection technologies is an essential component to building an effective cybersecurity strategy, companies must also take enterprise-wide steps to ensure that everyone, from executives to front-of-house employees, is involved in risk-reducing behaviors. In our 2017 Data Security Incident Response Report, the BakerHostetler incident response team looked back at the more than 450 incidents that we handled in 2016 to identify the top causes of security incidents across industries. Continue Reading