Data Breach


With cybersecurity threats on the rise, organizations are turning to token-based authentication as a secure and efficient way to safeguard sensitive data and systems. Data breaches impacted 1.1 billion individuals in 2024, a staggering 490% increase from the previous year.[1] Token-based authentication is a method of verifying a user's identity through digital tokens rather than traditional means such as passwords. These tokens are temporary and serve as access keys, allowing users to interact securely with systems, applications, and networks. The goal of token authentication is to strengthen security while improving the user experience. Instead of relying solely on static credentials (like passwords), which can be intercepted or stolen, using tokens as one factor in multi-factor authentication adds a layer of security, because tokens function as dynamic, short-lived access credentials.

How token-based authentication works

Token authentication unfolds through a series of steps designed to keep security robust. Here's a simplified breakdown of how it works in practice:

1. User request and authentication: When a user attempts to log in, they provide their credentials (e.g., username and password). These credentials are verified by the authentication server.
2. Token generation: After verifying the user's credentials, the server generates a token, a cryptographically secured string that often carries information such as the user's ID and permissions.
3. Token sent to the user: The generated token is sent back to the user or their device to confirm authentication.
4. Token usage for access: Now authenticated, the user presents the token to access the system or application. The token is passed along with each request so the server can confirm the user is authorized to proceed.
5. Token validation: Each time a token is presented to the server, its integrity and expiration are verified. If the token is valid, access is granted; if not, the session is terminated.
6. Token expiration and renewal: Tokens are typically temporary and expire after a set period. Users must either re-authenticate or renew the token for continued access. This limits the time window during which a stolen token can be misused.

Types of token authentication methods

Token authentication comes in different forms to meet the requirements of various use cases. Common types include:

JSON Web Tokens (JWT): Lightweight, self-contained, and easily transferred between clients and servers, JWT is one of the most widely used token formats. It includes claims, which are pieces of information about the user encoded within the token, such as roles and permissions. Example: A financial application uses JWTs to ensure only registered users can access private account data.

OAuth tokens: OAuth is an industry-standard authorization protocol that uses tokens to grant limited access to applications without revealing the user's credentials. It is often used for third-party service integration. Example: When you log into an e-commerce platform using your Google credentials, OAuth tokens authorize access.

Session tokens: These are temporary tokens tracked on the server to identify authenticated sessions, commonly used in web applications to keep browsing secure. Example: Online banking platforms rely on session tokens for secure user sessions.

Refresh tokens: Refresh tokens are designed to renew access tokens without requiring the user to log in repeatedly. They extend session durations while maintaining a high security standard. Example: A subscription service app uses refresh tokens to maintain a seamless user experience without frequent logouts.

Benefits of token-based authentication

Token-based authentication offers several advantages that make it a preferred security measure for organizations of all sizes.

Enhanced security: Tokens reduce the risk of breaches because they are temporary and cryptographically protected. They're also specific to sessions, applications, or devices, meaning unauthorized users cannot reuse stolen tokens effectively.

Elimination of password reliance: Tokens reduce dependence on static passwords, which are often reused and susceptible to brute-force attacks. This bolsters an organization's overall cybersecurity posture.

Improved user experience: Token authentication allows for more seamless interactions by minimizing the need for repeated logins. With features like single sign-on (SSO), users enjoy convenient access to multiple platforms with a single token.

Scalability: Tokens are flexible and can adapt to varied business use cases, making them suitable for organizations of all sizes. For instance, application programming interfaces (APIs) and microservices can communicate securely via token exchanges.

Supports compliance: Token-based authentication helps organizations meet regulatory compliance requirements by offering robust access control and audit trails. This is critical for industries like finance, healthcare, and e-commerce.

Cost efficiency: While implementing token-based authentication may require an initial investment, it reduces the long-term risks and costs associated with data breaches, system downtime, and lost customer trust.

How Experian can help strengthen your authentication process

At Experian, we recognize that strong security measures should never compromise the user experience. That's why we offer cutting-edge identity solutions tailored to meet the needs of organizations. Our tools allow you to integrate token-based authentication seamlessly into your systems while ensuring compliance with security best practices and industry regulations. Are you ready to take your business's security and user experience to the next level? Visit us online today.

[1] 2024-2025 Data Breach Response Guide, Experian, 2024.

This article includes content created by an AI language model and is intended to provide general information.
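The token lifecycle described in "How token-based authentication works" above (credential check, signed token carrying the user's ID and permissions, validation of integrity and expiry, renewal through a refresh token that is rotated on use), shown as an added example; this is not code from the original article or from Experian. It builds a minimal HMAC-SHA256 signed, JWT-style token with the Python standard library and assumes a constructed user record, a hard-coded demo signing key and an in-memory refresh-token store.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Demo signing key, constructed for this example only; a real deployment loads it
# from a secrets manager and rotates it.
SECRET_KEY = b"demo-signing-key-not-for-production"
ACCESS_TTL = 300      # access tokens expire after five minutes
REFRESH_TTL = 86400   # refresh tokens expire after one day

# Constructed user store: passwords are kept as salted PBKDF2 hashes, never in clear text.
SALT = b"demo-salt"
USERS = {
    "alice": {"id": 42, "roles": ["account:read"],
              "pw_hash": hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000)},
}
# Server-side record of outstanding refresh tokens so they can be rotated and revoked.
REFRESH_STORE: dict = {}


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(claims: dict, ttl: int, now: float) -> str:
    """Token generation: a JWT-style, HMAC-SHA256 signed string carrying the
    user's ID (sub), roles and an expiry (exp)."""
    header = {"alg": "HS256", "typ": "JWT"}
    body = dict(claims, iat=int(now), exp=int(now) + ttl)
    parts = [b64url_encode(json.dumps(p, separators=(",", ":")).encode()) for p in (header, body)]
    signing_input = ".".join(parts)
    sig = hmac.new(SECRET_KEY, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def validate_token(token: str, now: float):
    """Token validation: check integrity (signature) and expiry.
    Returns the claims on success, None on any failure."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        expected = hmac.new(SECRET_KEY, f"{header_b64}.{body_b64}".encode(),
                            hashlib.sha256).digest()
        # Only accept the algorithm we issue with, and compare in constant time.
        if header.get("alg") != "HS256":
            return None
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None
        claims = json.loads(b64url_decode(body_b64))
        if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
            return None   # expired: the client must renew or log in again
    except (ValueError, TypeError, AttributeError):
        return None       # malformed encoding, JSON or structure
    return claims


def mint_pair(user_id: int, roles: list, now: float) -> dict:
    """Hand out an access token plus an opaque refresh token recorded server-side."""
    access = issue_token({"sub": user_id, "roles": roles}, ACCESS_TTL, now)
    refresh_tok = secrets.token_urlsafe(32)
    REFRESH_STORE[refresh_tok] = {"sub": user_id, "roles": roles, "exp": now + REFRESH_TTL}
    return {"access": access, "refresh": refresh_tok}


def login(username: str, password: str, now: float = None):
    """Steps 1-3: verify credentials against the salted hash, then issue tokens."""
    now = time.time() if now is None else now
    user = USERS.get(username)
    if user is None:
        return None
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    if not hmac.compare_digest(candidate, user["pw_hash"]):
        return None
    return mint_pair(user["id"], user["roles"], now)


def authorize(token: str, required_role: str, now: float = None) -> bool:
    """Steps 4-5: the token accompanies each request; grant only if valid and permitted."""
    now = time.time() if now is None else now
    claims = validate_token(token, now)
    return claims is not None and required_role in claims.get("roles", [])


def refresh(refresh_token: str, now: float = None):
    """Step 6: renew without re-entering credentials. The presented refresh token is
    consumed (rotation), so a stolen copy cannot be replayed after legitimate use."""
    now = time.time() if now is None else now
    record = REFRESH_STORE.pop(refresh_token, None)
    if record is None or record["exp"] <= now:
        return None
    return mint_pair(record["sub"], record["roles"], now)
```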

Published: February 11, 2025 by Theresa Nguyen

With cyber threats intensifying and data breaches rising, understanding how to respond to incidents is more important than ever. In this interview, Michael Bruemmer, Head of Global Data Breach Resolution at Experian, is joined by Matthew Meade, Chair of the Cybersecurity, Data Protection & Privacy Group at Eckert Seamans, to discuss the realities of data breach response. Their session, "Cyber Incident Response: A View from the Trenches," brings insights from the field and offers a preview of Experian's 2025 Data Breach Industry Forecast, including the role of generative artificial intelligence (AI) in data breaches. From the surge in business email compromises (BEC) to the relentless threat of ransomware, Bruemmer and Meade dive into key issues facing organizations big and small today. Drawing from Experian's experience handling nearly 5,000 breaches this year, Bruemmer sheds light on effective response practices and reveals common pitfalls. Meade, who served as editor-in-chief for the Sedona Conference's new Model Data Breach Notification Law, explains the implications of these regulatory updates for organizations and highlights how standardized notification practices can improve outcomes. Bruemmer and Meade's insights offer a proactive guide to tackling tomorrow's cyber threats, making it a must-listen for anyone aiming to stay one step ahead. Listen to the full interview for a valuable look at both the current landscape and what's next. Click here for more insight into safeguarding your organization from emerging cyber threats.

Published: November 20, 2024 by Julie Lee

Review of Findings & Front-line Insights

Panel Participants:
Richard Goldberg (Moderator) – Constangy, Brooks, Smith & Prophete, LLP
Michael Bruemmer – Experian
Sean Renshw – RSM US, LLP
Mark Greisiger – NetDiligence

About the NetDiligence Cyber Claims Study

This is NetDiligence's 13th year of producing the Cyber Claims Study. A total of 9,028 claims were analyzed during the past five years, 2018-2022. One observation from the more than 9,000 cyber claims analyzed (5,000 of which are brand new claims from this past year, 2023) is that while many of the categories have remained the same over the last five years, the data has changed, sometimes dramatically.

About Experian

We provide call center coverage, notification coverage, identity theft protection, and all the consumer resolution services that go along with it for about 5,000 data breaches every year, and I was delighted to be on the panel.

Key Insights

Experian has proudly sponsored the annual NetDiligence Cyber Claims Study for three years. During this time, I've witnessed companies adapt and transform their operations to confront the growing tide of cyber threats. The evolution of their infrastructure to anticipate and respond to these challenges has been remarkable and necessary. However, despite my front-row seat in this fast-changing landscape, the results of each study never fail to surprise and intrigue me. The insights from the latest study, conducted in 2023, continue to shape our understanding of the evolving cyber landscape.

Ransomware's Dominance

Mark kicked off the discussion by shedding light on the escalating costs associated with cyber incidents. In 2022, the average incident cost for SME organizations remained stable at $169,000 (similar to the combined five-year window from 2018 to 2022, at about $175,000). However, there was a substantial increase for large companies, reaching $20.3 million in 2022 (the five-year average was about $13 million). This surge raised eyebrows and set the stage for a deep dive into ransomware, a leading cause of concern.

Examining Ransomware Trends

The conversation swiftly shifted to ransomware, a pervasive threat in the cyber insurance landscape. As I stated, at Experian we see a correlation between the rise in ransomware and third-party breaches. Most of the industry experts on the panel participate in a Ransomware Advisory Group together. Mark brought up a good insight from our advisory group on the brazen tactics employed by threat actors lately, showcasing their intimate knowledge of the cyber insurance world.

Business Sectors Under Siege

Richard and Sean added to the discussion the top ten business sectors affected by ransomware, with professional services leading the pack. The impact on technology, with a payout of $830,000, stood out as well.

Beyond Ransomware

The conversation broadened to encompass other types of losses, such as social engineering and business email compromise. Business interruption emerged as a key concern for cyber insurance claims, with the industry grappling with how to treat criminal acts versus non-criminal acts.

Looking Ahead

As the discussion unfolded, industry experts, including myself, expressed eagerness to anticipate the future cyber landscape. Predictions range from the industry mutating to the emergence of new players in the nation-state game. The role of artificial intelligence and innovative solutions from new vendors became a focal point of interest.

In conclusion, the NetDiligence Cyber Claims Study 2023 Report paints a vivid picture of the challenges and transformations within the cyber insurance domain. The increasing sophistication of threat actors, coupled with evolving business strategies, sets the stage for continuous adaptation and innovation in the fight against cyber threats. As we look ahead, the resilience of businesses and the collaboration between industry stakeholders will play a pivotal role in shaping the cybersecurity landscape. I invite you to access the report and view the discussion replay for a deeper understanding of the challenges and transformations within the cyber insurance claims domain.

Get NetDiligence Cyber Claims Study resources on-demand now! NetDiligence's latest Cyber Claims Study and webinar, sponsored by Experian Data Breach, are available on-demand. This report serves as a resounding call to action, prompting businesses to ready themselves against cyber threats. Dive in to get insights and stay one step ahead of cyber adversaries.

Published: February 12, 2024 by Michael Bruemmer

Insights from the Cyber Risk Summit Beverly Hills – October 2023

Authored by Ryan Coyne

I recently participated in a panel with industry experts, delving into third-party cyber risks. The panel shed light on best practices, challenges, and strategies to mitigate the impact of third-party incidents.

Panel Participants:
Stu Panensky (Moderator) – FisherBroyles, LLP
Ryan Coyne – Experian
Tom Egglestone – Resilience
Mark Grazman – Fenix24
Matthew Saidel – FTI Consulting

Agenda:
Incident Best Practices: Collaboration & Coordination on IR Action Items
Upstream Risk of Third Parties: Vendors, Suppliers & Business Partners
Downstream Risk in the Policyholder Supply Chain

The Cyber Risk Summit held in Beverly Hills provided valuable insights into the risks of engaging unsecured third parties.

Key Takeaways

Understanding the Significance

Tom emphasized the longstanding nature of cyber risk exposure tied to third-party relationships. The increasing reliance on external vendors in a tech-enabled world has heightened this risk, especially with the surge in outsourcing and software adoption. Tom highlighted that, even in 2019, Gartner research indicated that 60% of surveyed companies worked with over 1,000 third parties in their supply chain, setting the stage for the escalated risk environment post-pandemic.

Crisis Communications in Third-Party Incidents

Matt shared insights into the challenges faced when third-party incidents unfold. He stressed the necessity of involving crisis communications consultants early in the process, especially for upstream and downstream parties. Preserving the right to operate and maintaining client trust amid incidents were key points Matt made.

Hands-On Restoration Perspective

Mark, providing a hands-on restoration perspective, discussed how rarely his team is involved at the inception of an event. His emphasis on locking down infrastructure, understanding the threat actor's persistence, and encouraging robust backup strategies showcased the intricacies involved in restoration efforts.

"Restoration efforts often kick in when patient zero is unidentified. Locking down the infrastructure and focusing on repairing affected elements are essential." – Mark Grazman, Fenix24

Notification Strategies and Legal Implications

Representing Experian, I shared my perspective on notification complexities that the average consumer may not be aware of, such as notifying everyone upfront versus opt-in processes; the legal implications of notifying on behalf of others and coordinating with multiple parties; and the nuanced approach to call center communication, where making the details in notification letters clear is crucial to minimizing confusion for recipients. I want to emphasize a point I made earlier in the panel on the downstream impact of notification strategies and the need to customize communication for recipients.

"For these incidents, it's most important to minimize complexity on the notification side and minimize confusion for the recipient of your notification letter." – Ryan Coyne, Experian

Insights from an Insurance Claims Handler

Tom, as an insurance claims handler, underscored the importance of understanding vendor contracts, particularly clauses related to defense and indemnity. He highlighted the need for transparency in the vendor's incident response process, especially when the insured isn't in control, which adds a layer of complexity to communication and expectation setting.

Crafting a Seamless Notification Process: Public-Private Partnerships

Stu Panensky, Moderator: Public-private partnerships emerged as a recurring theme during the panel discussions. The need for collaboration between law enforcement, insurance companies, and businesses became evident. Stu emphasized the role of public-private partnerships in influencing better outcomes and impacting data protection, regulation, and litigation.

The insights from the 2023 Beverly Hills Cyber Risk Summit underline the interconnected nature of cyber risks and the critical importance of proactive measures. Stakeholders are urged to adopt a collaborative approach, navigate legal complexities, and stay vigilant in the face of evolving challenges. I welcome you to watch the full discussion on-demand.

Published: February 5, 2024 by Michael Bruemmer

In the fast-paced world of cybersecurity, the ability to anticipate and adapt to emerging threats is not just a competitive advantage—it's a business imperative. As we release our 11th annual "Experian 2024 Data Breach Industry Forecast," we invite you to embark on a journey into the future of data breaches, a journey that promises to empower data breach professionals, cyber experts, and industry leaders alike.

A Glimpse into Tomorrow's Threat Landscape

Our team of experts has meticulously examined the current cybersecurity landscape to identify the trends that will shape the industry in the coming year. The "Experian 2024 Data Breach Industry Forecast" provides a roadmap for staying ahead of these challenges, arming you with the insights needed to fortify your organization's defenses.

Six Pivotal Predictions: Decoding the Future

Within the report, we unveil six pivotal predictions that promise to redefine the landscape of data breaches. While we can't reveal all the details here, we'll offer a sneak peek to whet your appetite:

Six Degrees of Separation: There's no question that third-party data breaches this year made headlines. Delve into the intricacies of supply chain security and discover why addressing vulnerabilities in the supply chain is the next frontier in cybersecurity.
Little by Little Becomes A Lot: When trying to achieve a goal, it's said that taking small steps can lead to big results. See how hackers could apply that same rule.
Not a Third Wheel: It's widely known who the main players are globally that sponsor attacks, and a new country in South Asia may join the international stage.
No, not Mother Earth! Plutonium, terbium, silicon wafers — these rare earth materials present an intriguing opportunity for hackers looking to disrupt an enemy's economy.
The Scarface Effect: Like drug cartels, cybergangs are forming sophisticated organizations.
Winning from the Inside: In 2024, we may see enterprising threat actors target more publicly traded companies, leveraging data extraction and their talents in plain sight as everyday investors.

This is just a glimpse into the dynamic and evolving landscape detailed in our full report. Download the complete "Experian 2024 Data Breach Industry Forecast" to explore these predictions in depth and stay ahead of the curve.

Expert Analysis: Navigating Complexity with Confidence

Backed by extensive research and the expertise of our seasoned analysts, the report provides more than just predictions; it offers a deep dive into the complexities of the modern cybersecurity landscape. Our experts share their insights on how these predictions will impact organizations and individuals, providing actionable intelligence that goes beyond the theoretical. Whether you're a CISO, a Compliance Officer, or a Cyber Risk Insurer, the "Experian 2024 Data Breach Industry Forecast" equips you to navigate the challenges of tomorrow with confidence.

Empowering You to Lead in Data Breach Response

As you read through the report, you'll find that our approach goes beyond merely highlighting problems; we provide solutions. Each prediction is accompanied by practical recommendations and best practices, ensuring that you not only understand the evolving landscape but also possess the tools to proactively address the challenges that lie ahead. Now, more than ever, it's crucial to be proactive in your approach to cybersecurity. Download the full "Experian 2024 Data Breach Industry Forecast" to unlock the insights and strategies that will set you apart in the realm of data breach response. Your journey into the future starts here.

The Future is Now. Are you ready to take the first step toward a more secure tomorrow? Download the report now and lead the way in data breach response.

Published: January 29, 2024 by Michael Bruemmer

The threat of data breach is constant in our modern, digital world. And as technology advances, so do the strategies and tactics of malicious actors seeking ways to monetize the vulnerabilities of organizations. It’s not a matter of if, but when, a data breach could impact your organization, and it is important for businesses to understand how to operate in it. What is a Data Breach? For many organizations, a data breach is arguably one of the greatest threats to prevent. What is a data breach? Imagine your organization as a fortress, safeguarding a treasure trove of sensitive information—customer data, financial records, proprietary algorithms. A data breach is the unwelcome intrusion into this fortress, where unauthorized individuals gain access to confidential information, often with malicious intent. This can encompass many types of data, including personal identification information (PII), financial data, and intellectual property. Classifications of breaches can vary from intentional cyberattacks to inadvertent exposure due to system vulnerabilities or human error. To grasp the gravity of data breaches, Businesses face tangible consequences when their defenses are breached, and there are no signs of it slowing down. The frequency and severity of data breaches are alarming. According to recent studies¹, the healthcare sector experienced a 55% increase in data breaches in 2022. No business is immune to the evolving threat landscape especially companies that capture customer data and are also inherently the stewards of this data. Understanding the landscape of data breaches will help you better fortify your business against a breach. In the next sections, we’ll explore the causes, impacts, post-breach response strategies, and preventative tactics businesses can employ to safeguard their data. Causes of Data Breaches Human error Even the most well-intentioned employees can become the weak link in an organization’s security chain. 
According to the “2023 Verizon Data Breach Investigations Report,” 74% of data breaches involve a human element². Investing in comprehensive training programs is essential to foster a culture of cybersecurity awareness and mitigate the risk of employee-related mistakes. Cybersecurity vulnerabilities The digital landscape is rife with potential vulnerabilities, and cybercriminals are adept at exploiting them. Regular cybersecurity assessments, prompt system updates, and the implementation of robust security protocols are recommended proactive measures to fortify against breaches that capitalize on system vulnerabilities. Insider threats Data breaches can originate from within, whether through disgruntled employees with malicious intent or well-meaning staff who inadvertently compromise security. Gurucul’s “2023 Insider Threat Report” highlights that 60% of organizations experienced insider-related incidents in the past year³. Establishing stringent access controls, closely monitoring user activities, and implementing employee education programs are vital steps to mitigate the risks associated with insider threats. Weak and Stolen Passwords Weak and stolen passwords stand as one of the most common gateways for data breaches. Cybercriminals exploit individuals who use easily guessable passwords or recycle them across multiple platforms. This creates a vulnerability that can be easily exploited through automated attacks. Ensuring robust password policies, employing multi-factor authentication, and regularly updating credentials are necessary measures to thwart these breaches and safeguard sensitive information. Malware The insidious world of malware is a persistent threat to data security. Malicious software, often disguised as innocuous files or links, infiltrates systems, and wreak havoc by compromising data integrity and confidentiality. Malware can then swiftly spread, leading to unauthorized access and data exfiltration. 
Regularly updating antivirus software, conducting thorough system scans, and educating employees about the dangers of clicking on suspicious links are pivotal defenses against malware-driven breaches. Social Engineering Social engineering has emerged as a cunning and effective tactic in data breaches, such as manipulating individuals to divulge confidential information willingly. Whether through phishing emails, deceptive phone calls, or impersonation, cybercriminals exploit human trust to gain unauthorized access. Raising awareness among employees about the dangers of social engineering, implementing rigorous verification processes, and fostering a culture of skepticism can fortify an organization’s defenses against these subtle yet potent attacks. Physical Attacks While the digital realm often takes center stage, physical attacks on data infrastructure remain a tangible and underestimated risk. Breaches can occur through unauthorized access to servers, theft of physical storage devices, or tampering with network equipment. Implementing stringent access controls, employing surveillance systems, and securing physical infrastructure are crucial steps to mitigate the threat of data breaches stemming from physical incursions. Building digital and physical protective measures can help with your defense against the multifaceted landscape of data breaches. Impacts on Businesses Financial repercussions Data breaches are costly to businesses with immediate and enduring consequences. The “Cost of a Data Breach Report 2023” by IBM reported that the average cost of a data breach was $4.45 million per organization⁴. Long-term financial implications include loss of customers, diminished revenue streams, and increased cybersecurity investments to rebuild trust and fortify defenses against future breaches. Reputational damage The fallout from a data breach extends beyond the balance sheet, leaving an indelible mark on a business’s reputation. 
According to a 2023 survey by Vercara, 66% of U.S. consumers would not trust a company that falls victim to a data breach with their data. Rebuilding trust with transparent communication, swift remediation, and proactive measures to prevent future breaches is essential, demonstrating a commitment to safeguarding sensitive information. Operational disruptions Data breaches causes disruptions in the operations of daily business activities. It takes an average of 73 days to contain a cyber-attack according to the Cost of a Data Breach Report 2023 from IBM⁴. Swift recovery requires a meticulous balance between addressing the breach’s immediate impact and resuming normal operations to minimize further operational strain. Legal and regulatory implications The legal aftermath of a data breach involves navigating a complex landscape of regulations and compliance standards. In the United States, data breaches may trigger legal consequences under various state laws. For instance, the California Consumer Privacy Act (CCPA) allows for fines ranging from $100 to $750 per consumer per incident⁵. Ensuring adherence to data protection laws, promptly reporting breaches to regulatory authorities, and implementing robust security measures become top priorities in avoiding the legal quagmire that often follows a data breach. Notable data breaches Yahoo! (2014): The personal information of 3 billion people was exposed, including names, birth dates, passwords, and phone numbers. Cause: It is believed that the hack originated through a phishing email sent to a Yahoo! employee. Through this phishing email, it’s believed the hackers were able to access user databases and tools.⁶ Cost: $117.5 million in settlements and $350 million off its sale price to Verizon⁷ Marriott International (2018): Information of approximately 500 million guests was compromised, including names, contact details, passport numbers, and travel details. 
Cause: A cyber-espionage campaign linked to a state-sponsored actor. Attackers gained access to Marriott’s Starwood guest reservation database due to vulnerabilities in the system.⁸ Cost: Over $100 million for remediation efforts and regulatory fines.⁹ Capital One (2019): 106 million customers’ personal information, including credit card applications and Social Security numbers, was exposed. Cause: A misconfigured web application firewall that allowed a hacker to exploit a server-side request forgery vulnerability, leading to unauthorized access and the theft of sensitive customer data.¹⁰ Cost: Estimated between $100 million and $150 million in 2019 alone.¹¹ SolarWinds (2020): Hackers compromised the software supply chain, affecting numerous government agencies and major corporations globally. Cause: The SolarWinds breach was a sophisticated supply chain attack where malicious actors compromised the software update process, injecting malware into software updates distributed by SolarWinds, allowing them access to numerous government and corporate networks.¹² Cost: At least $18 million¹³ JBS USA (2021): The ransomware attack on the world’s largest meat processor disrupted operations and impacted the company’s IT systems. Cause: A ransomware attack, where cybercriminals exploited vulnerabilities in the company’s IT systems to encrypt data and demand a ransom for its release, causing significant disruptions to operations.¹⁴ Cost: $11 million ransom paid to hackers from JBS to restore their IT systems. Post-breach response Assessment and Damage Control Immediate Action Steps In the event of a data breach, the immediacy of response becomes one factor in determining the outcome. Swift and decisive actions during the initial moments can be instrumental in preventing the situation from escalating. The primary focus at this stage is isolating the affected systems, swiftly disconnecting compromised servers and devices from the network. 
This can help stop unauthorized access and establishes the foundation for a more concentrated and effective response. Alerting the incident response team, IT personnel, and relevant stakeholders promptly is also worth considering to help gain control over the situation. Forensic Analysis Understanding the who, what, and how of an incident is also an important step following a breach. In this context, involving forensic experts in a meticulous analysis is prudent. These professionals specialize in unraveling the intricacies of the breach, identifying entry points, and tracing the movements of attackers within your systems. The significance of forensic analysis extends beyond mere identification; it serves as the groundwork for prevention. Through a comprehensive study of the employed attack vectors and techniques, organizations can enhance their cybersecurity infrastructure. This process of gathering critical information about the breach contributes to the ability to preempt similar incidents, fostering a more resilient stance against evolving cyber threats. Communication Strategy Internal Communication Effective internal communication plays a pivotal role in building a resilient response framework. In the early stages of a crisis, employees emerge as the initial line of defense. Clearly conveying the severity of the situation provides them with a comprehensive understanding of the impact and the organization’s devised response plan. This also empowers the workforce, fostering a sense of unity within the organization and help the organization navigate challenges ahead cohesively, reinforcing its resilience in the face of adversity. External Communication External communication holds equal importance, reaching beyond the organization to customers, partners, and stakeholders. It’s essential to recognize the significance of constructing messages with transparency, honesty, and a proactive stance. 
Silence or ambiguity can intensify the repercussions, so prioritizing openness becomes foundational for rebuilding trust. Being timely and forthright in sharing information about the breach and the steps taken to rectify the situation is generally a good strategy when engaging with partners and stakeholders. This approach not only informs but can also mold the perception of the organization’s dedication to security and integrity following the aftermath of a breach with a strategic and forward-thinking mindset. Legal and Regulatory Compliance Notification Requirements Within the regulatory framework, a prompt response is an important post-breach step for organizations. It may first involve comprehensively detailing the legal obligations surrounding breach notifications to both regulatory authorities and affected individuals. It’s essential to recognize the variability in requirements across different regions and industries, underscoring the importance of remaining well-informed about these specific nuances. Timeliness of notifications is also factor for organizations to consider. Numerous jurisdictions impose substantial fines for delays in reporting, making it essential for organizations to adhere to strict timelines. Transparency holds equal weight, necessitating clear communication about the extent of the breach, the nature of compromised information, and the specific measures being implemented to address the situation. This approach can help in being compliant with legal standards and plays a vital role in fostering trust among those directly impacted by the breach. Legal Counsel Engagement Organizations generally seek the support of legal counsel to help navigate the intricate legal aftermath of a data breach. Legal experts can help an organization through potential lawsuits and regulatory fines. Engaging legal experts early allows their insights to guide the overall strategy, shaping everything from the communication plan to the recovery efforts. 
With early legal counsel support, the organization can be proactive in addressing legal challenges, potentially mitigating the severity of consequences that may arise.

Recovery and Remediation

IT System Restoration

The intricacies of IT system restoration mirror the reconstruction of a fortress following an intrusion. Restoring affected IT systems to normal functionality involves comprehensive measures such as thorough system checks, vulnerability assessments, and the eradication of any residual traces left by a breach.

Additionally, organizations generally look to enhance security measures during the recovery phase. Simply reverting to the pre-breach state is not enough; instead, the recovery process serves as an opportunity to address vulnerabilities in old systems and bolster defenses. This entails updating and patching systems, reassessing access controls, and contemplating the incorporation of advanced threat detection tools. Such measures collectively work to minimize the risk of a recurrence and contribute to an overall fortified cybersecurity posture.

Prevention Strategies

Best practices for securing sensitive data

Securing sensitive data is important in the age of relentless cyber threats. Employing encryption protocols, conducting regular security audits, and limiting access privileges are foundational best practices. These proactive measures help create a robust defense, forming an intricate web that shields critical information from potential breaches.

Employee training programs to mitigate human error

Human error remains a significant contributor to data breaches. Implementing comprehensive employee training programs can be helpful in cultivating a security-conscious workforce and mitigating vulnerabilities caused by human error. From recognizing phishing attempts to practicing proper password hygiene, a well-informed staff acts as the first line of defense and can significantly reduce the likelihood of unintentional security lapses.
Implementing robust cybersecurity measures

The cornerstone of any data breach prevention strategy is the implementation of robust cybersecurity measures. This includes advanced intrusion detection systems, firewalls, and regular software updates. Proactively addressing vulnerabilities and staying abreast of the latest cybersecurity advancements help fortify an organization’s digital perimeter, creating an environment that is inherently resistant to malicious infiltrations.

Staying abreast of emerging trends

Staying ahead of data breach threats requires a keen awareness of emerging trends. From sophisticated phishing techniques to novel forms of malware, businesses should continuously adapt their cybersecurity strategies against evolving tactics employed by cybercriminals. The dynamic nature of the cybersecurity landscape demands constant innovation. Adopting cutting-edge technologies like artificial intelligence for threat detection and investing in predictive analytics allows businesses to stay one step ahead, proactively identifying and neutralizing potential threats before they escalate.

Collaboration and information-sharing within industries

In the face of evolving cyber threats, collaboration is a powerful defense. Establishing networks for information-sharing within industries enables businesses to benefit from collective intelligence. By sharing best practices and threat intelligence, organizations can collectively strengthen their defenses against the ever-changing data breach landscape.

Takeaway

Data breaches are a persistent threat for all businesses capturing and storing personally identifiable information. Such businesses are inherently the stewards of this data and must protect it to prevent bad actors from gaining access for malicious intent. Knowing what a data breach is represents just the first step in protecting that data; the key is to take action.
From securing sensitive data to fostering a cybersecurity-aware workforce, businesses must not merely react to the escalating threat of data breaches but proactively strive to create an impenetrable shield around their valuable information. Visit our website for more information about our offerings and how Experian can help you prepare for and respond to data breaches.

¹ HIPAA Journal, 55% of Healthcare Organizations Suffered a Third-Party Data Breach in the Past Year [2022]
² Verizon, 2023 Verizon Data Breach Investigations Report
³ Gurucul, 2023 Insider Threat Report
⁴ IBM, Cost of a Data Breach Report 2023
⁵ Office of the Attorney General, California Consumer Privacy Act (CCPA)
⁶ CSO, Inside the Russian hack of Yahoo: How they did it
⁷ BPB Online, Yahoo Data Breach: What Actually Happened?
⁸ CSO, Marriott data breach FAQ: How did it happen and what was the impact?
⁹ Cybersecurity Dive, Marriott finds financial reprieve in reduced GDPR penalty
¹⁰ Investopedia, Capital One Data Breach Impacts 106 Million Customers
¹¹ CNET, Capital One $190 Million Data Breach Settlement: Today Is the Last Day to Claim Money
¹² TechTarget, SolarWinds hack explained: Everything you need to know
¹³ Reuters, SolarWinds says dealing with hack fallout cost at least $18 million
¹⁴ BBC, Meat giant JBS pays $11m in ransom to resolve cyber-attack

Published: January 18, 2024 by Jon Mostajo

2023-2024 Experian Data Breach Response Guide

Learn how you can boost your preparedness against cyberattacks—download the new guide now.

As the proliferation of connected devices and third-party integrations accelerates, organizations are becoming more exposed to risk. Your attack surface is expanding, and it’s a hacker’s dream. But their dream is your nightmare. While there will always be at least one monster hiding under the bed, being prepared and having a plan can help you sleep easier and soften the blow when an attack does happen.

How likely is your organization to be the victim of an attack? As pointed out in the 9th Annual Experian Data Breach Response Guide, “Cyber attacks happen once every 39 seconds.”[1] There’s no time to rest, and no time to let your guard down. It’s just a matter of time before your data becomes a target, whether it is a direct hit to your organization or through a third-party supply chain attack (one of the latest trends hackers are using to gain access to huge amounts of data in just one sweep). You never know when your day will come, so being prepared now is the only way.

15% fewer incidents occur on average for customers with a plan.[2] Having fewer incidents helps keep your data safer and your bottom line healthier as the cost of a data breach continues to break records year after year.

Learn How You Can Be Prepared

Our 2023-2024 Data Breach Response Guide has been updated with the latest predictions, trends, and expert advice based on real-world experience. This is the ninth year I’ve rolled out this guide, and it gets better every year, with deeper insights into the state of cyber threats across industries and current best practices, and step-by-step guidance for creating, testing and implementing a plan for your business.
Highlights include:
- Third-party breaches are rising — partner breaches make up 62% of system intrusions.[3]
- Healthcare and financial services have the highest volume of breaches, representing over half the share of breaches serviced by Experian in 2022.[4]
- How having a response plan can save your business—90% of consumers are more forgiving of companies that had a response plan before a breach.[5]
- How Experian Data Breach Solutions can help your organization respond quickly to and minimize the impact of a data breach

Ready to Get Started?

A data breach preparedness plan is never a one-and-done deal. It needs to evolve along with the cyber threats it is meant to conquer. Experian is a partner you can trust. We continue to expand our product offerings, keep our eyes and ears on the lookout for rising threats and trends, and use our years of experience to support our partners when they need us most.

Download the latest edition of the Experian® Data Breach Guide

[1] Zippia, 30 Crucial Cybersecurity Statistics [2023]: Data, Trends and More.
[2] Experian Data, June 2023
[3] Resmo, Third-Party Data Breach Statistics.
[4] Experian Data, June 2023
[5] Experian Data Breach Consumer Survey.

Published: September 14, 2023 by Michael Bruemmer

Reflections, New Predictions, and What to Expect by 2033.

Where We’ve Been: A Cybersecurity Recap

It’s been a decade since Experian released its first forecast. At the time, hacker activity was heating up, and breach "fatigue" was setting in. The report highlighted the budding threat of healthcare incidents, started a conversation about the connection between the cloud, big data, and big international breaches, and was one of the first, if not the first, preparedness and response organizations to sound the alarm on the cyber insurance surge.

Fast forward to 2023: Clever cybercriminals have not slowed, and data breaches are busier and livelier than ever, with cyberattacks costing organizations $2.9 million every minute,1 and major businesses suffering losses of $25 per minute.2

Hold on to your keyboard if you’re wondering where the cybercriminals could go next. The Tenth Annual Experian Data Breach Industry Forecast findings offer a road map into the future. Literally. It outlines how modern technology, cyber resilience, and cyber recovery will play a role in the next generation of attacks. With six predictions instead of five, this year’s report also candidly reflects on what we got right and where we missed the mark over the last nine years while homing in on what 2023 and 2033 could bring.

Nearly 70% of business leaders feel their cybersecurity risks are increasing, and only 5% of companies’ data2 is properly protected.3

Where We Are: Reality. It’s Not Quite What It Seems

With more than 80% of U.S. adults4 expressing some concern about the metaverse and deepfake-enabled attacks up 53% from 2021,5 2023 could see cyberattacks move into unprecedented and uncharted territory. Will keyboards and screens become easy gateways to widespread attacks in seen and unsuspected ways for corporate entities and consumers alike? What about the continued rise of remote work? Will its staying power reveal vulnerabilities?
As technology evolves, so too can scams and increased risk. Are you prepared? Globally, cybercrime is on track to cost $10.5 trillion annually by 2025.6

Where We’re Headed: Today and 10 Years From Now

The Tenth Annual Data Breach Industry Forecast isn’t a crystal ball, but it’s close. With ten reports now issued and over 18 years of experience servicing, researching, and tracking data breaches, I’ve encountered almost everything in the what-if world of preparedness drills and real-world live incident responses.

I’ll end with this fact. Only time will tell what happens next. Until then, if you’re a CISO, cyber risk insurer, CFO, General Counsel, or other professional responsible for or connected to cybersecurity preparedness and response, I recommend you review the Tenth Annual Experian Data Breach Industry Forecast. Your company’s future could depend on it.

Read the 2023 Experian Data Breach Industry Forecast

1-2 https://businessinsights.bitdefender.com/what-are-the-biggest-cyber-threats-of-the-future
3 https://www.accenture.com/_acnmedia/PDF-96/Accenture-2019-Cost-of-Cybercrime-Study-Final.pdf#zoom=50
4-5 https://www.varonis.com/
6 Cybersecurity Ventures, Cybercrime Magazine

Published: December 8, 2022 by Michael Bruemmer

When a data breach occurs, it can have a ripple effect on your business, your employees, and your customers. Depending on the severity of the breach, large volumes of personally identifiable information – such as email addresses, birth dates, passwords, social security numbers, etc. – may fall into the hands of unauthorized people who intend to exploit that information for personal gain. While data breaches are difficult to predict, you can take proactive steps to ensure that your business and your customers are well equipped to respond quickly and drive faster resolution.

Create a plan

The average cost of a data breach in 2023 is $4.45 million, a 15% increase from 2020.[1] This is a considerable loss that can be devastating to a business of any size. The best strategy to mitigate this kind of loss is to be prepared with a data breach response plan. If your business experiences a data breach and you’re unprepared for it, the losses you and your customers incur can be much more serious, and the damage to your company’s bottom line and reputation can last much longer than necessary. By establishing a data breach response plan, you can limit the downside potential of an attack and considerably shorten the recovery time. This can help your business and your customers return to good standing as soon as possible.

Arm your team with knowledge

The IT department is no longer the only line of defense against cyberattacks or data breaches. Many hackers will try to illegally obtain sensitive information from front-line or associate-level employees using a variety of methods like phishing, ransomware, or social engineering. This puts the responsibility of protecting company data on every employee, not just on the cybersecurity team. This is why it’s important to educate all of your employees on how to recognize the potential threats of a data breach. With this knowledge, they can work collectively to keep consumers’ data safe and secure.
Address your customers’ concerns effectively

If a data breach happens to your business, it’s crucial to notify your customers as soon as possible. Not only should you alert them of the breach, but you should also have a protocol in place to provide up-to-date information, helpful resources, and reassurance. Whether through email, in-app notifications, or call center agents, your customer response process should include clear, frequent, and timely communication throughout the duration of the breach. Keeping your customers informed and at ease during a breach will encourage them to remain calm and feel confident to continue doing business with you.

Data breaches and cyberattacks are unpredictable and can have unforeseen, long-lasting negative effects on small, medium, and large businesses alike. But if you have a solid plan, keep your employees knowledgeable about potential threats, and provide useful, timely information to your customers, you can minimize the damage of any breach on your organization.

Visit our website for more information about our offerings and how Experian can help you prepare and respond to data breaches.

[1] IBM. Cost of a Data Breach Report 2023.

Published: October 18, 2022 by Michael Bruemmer

The Threat

“With criminals, there’s no such thing as a border anymore. They don’t care where you are, who you are; if there’s money to take from you, they will take it.”

That’s what U.S. Secret Service Agent Eric Adams had to say when asked about cybersecurity threats during the “Global Cyber Threatscape & the Role of Law Enforcement” panel I moderated at the latest NetDiligence CyberRisk Summit event. It’s clear to law enforcement that cybercriminals are hyper-connecting, deep information sharing, and crossing virtual borders—becoming more brazen (and clever) by the breach—leaving businesses, insurers, organizations, regulators, and consumers in the crosshairs of compromise, compliance, and recoupment.

“We work with law enforcement; we work with insurance companies. We’re collecting data and trying to solve those problems because we understood that if you don’t cooperate before the incident, you don’t work together [at all].” – Michael Bruemmer, Experian

During the “Beyond the Arrest: Law Enforcement Roundtable,” Adams and three other cross-border experts, Brian Abellera, Jason Conboy, and Matt Robinson, gave in-depth accounts of “cross-border incident response and the role of U.S. cyber law enforcement and overseas intelligence.”

“We’re seeing smaller and medium-sized businesses [being targeted by ransomware]. We are really struggling to keep up with the information flow.” – Matt Robinson, RCMP

I frequently talk about how quickly the threats are evolving and how Every Minute Counts in data breach response. The panel echoed this sentiment tenfold, covering five key topics, including “Unique Characteristics of U.S.-Canada Cyber” and “Public-Private International Cooperation.”

The Evidence Board

“We have to be nimble like the cybercriminals; putting in cyber liaisons internationally.” – Jason Conboy, U.S. 
Department of Homeland Security Investigations

From SIM swapping and ransomware revictimization to romance schemes, the experts discussed how cross-border threats are infiltrating every square inch of the data security landscape. They also focused on the critical role of education, tabletop exercises, and timely incident reporting while zeroing in on how public-private partnerships can influence better outcomes and impact data protection, regulation, and litigation.

Watch the full NetDiligence Cyber Risk Summit session on-demand

Published: June 21, 2022 by Michael Bruemmer

As we navigate a new way of living, working, and handling the unpredictability of COVID-19 and other potential health concerns worldwide, now is not the time to ease up on data breach preparedness. I’ve said it many times before, and I’ll repeat it: every minute counts in today’s fast-breaking data breach response environment.

As pointed out in the foreword of the 8th Annual Experian® 2022 Data Breach Response Guide, “Almost everything is done and undone with a screen touch, keystroke, password, or pin.” It is a convenient reality for consumers looking to make quick, returnable digital purchases, as it is for hackers who can cause irreversible financial and reputational harm to companies and organizations. In this world, it’s not an option to put data breach preparedness on the back burner. Every employee in your organization, from the C-suite to the call center, must stay ready.

In 2021, the average cost of a data breach was $4.24 million.[1]

Industry Perspectives, Current Data, Consumer Response

New and improved for 2022-2023, our latest Data Breach Response Guide is an in-depth preparedness page-turner, complete with predictions, trends, experience-based advice from Experian experts, and real-world incident insight informed by servicing breaches over 15 years.

The Highlights

I’ve managed the roll-out of this guide for years, and I have to say, this guide is the most comprehensive and data-dense one yet. It has everything you need to learn how to prepare, plan, practice, audit, and manage your crisis response. You’ll get details on:
- The Rise of Ransomware—one happened every 11 seconds in 2021[2]
- What do businesses think about response plan drills?—84% agree their plans could be more effective with drills[3]
- Why hackers’ top industry target is still healthcare (and why)
- How Experian® Crisis Solutions helps companies recover strong, and much more

Cyberattack Preparation is Paramount

Cybersecurity and data breach preparedness are changing by the minute.
Experian is expanding its product offerings, staying on top of rising threats, and relying on our deep experience to support partners when they need us most. Ready to learn more about how to stay ready for a data breach? Download the Experian® Data Breach Guide now. For additional preparedness insights, sign up for our free resource hub.

[1] IBM & Ponemon, 2021 Cost of a Data Breach Report
[2] Cybersecurity Ventures, Cybercrime to Cost the World $10.5 Trillion Annually by 2025
[3] Experian and Ponemon. 2022. Ninth Annual Study: Is Your Company Ready for a Big Data Breach

Published: May 24, 2022 by Michael Bruemmer

Crises come in many forms, without warning, and can be devastating for any size business. A company’s ability to manage crises, specifically with a crisis response notification plan, directly impacts consumers’ trust and perception of their brand. In today’s digital world, consumers are more informed than ever before, and consumer trust is what keeps businesses afloat. If that trust is broken or their needs are not met, consumers will take their business elsewhere.

Companies cannot afford to lose customers. Research from Frederick Reichheld of Bain & Company, the inventor of the Net Promoter Score, shows that increasing customer retention rates by 5 percent increases profits by 25 percent.[1] When a crisis occurs, 90 percent of consumers are more forgiving of companies that have a response plan in place.[2] Despite that information, 51 percent of companies admit to not having a crisis response notification plan.[3]

While crisis communication can be fairly reactive, it helps to have a crisis communication plan in place to make the process easier. Experian Crisis Response Management features a notification system, call center deployment, and crisis specialists to help companies build trust and confidence knowing that their consumers will be taken care of, which breeds customer loyalty. Our team of experts can help you develop a crisis response notification plan to reach out to your customers during any type of crisis.

Here are five key steps to developing an effective crisis response notification plan:

Step 1: Define Your Objective

Before you begin, you must first set a clear goal for your plan. This objective should include what the plan should accomplish, when the plan should be executed, and who needs access to the information being shared.
For example, “This plan creates a communication structure with external stakeholders in the event of a crisis that affects the reputation of the company.”

Step 2: Create a Contact List

To ensure the crisis is well-managed, it’s important that all stakeholders are kept informed. Create a contact list of all employees, customers, users, partners, investors, media outlets, the government, and social media followers. Determine the best method of contact for each of these stakeholders (e.g., print mail, email, phone call, etc.) and include that in the contact list document.

Step 3: Determine an Information Sharing Structure

Depending on where a crisis originates and the threat level of the crisis, protocols may differ by scenario. To avoid confusion, form a hierarchy outlining how information should be shared within the company. Your hierarchy may begin with notifying the CEO, followed by the head of public relations or CTO. The plan needs to define what information should immediately be disclosed to each individual or team in the hierarchy, such as the source of the crisis and the protocols in place to handle the situation.

Step 4: Prepare for Possible Questions and Concerns

Customers will want answers, and if you are not the one supplying them, they will search elsewhere to uncover the truth. Create a running fact sheet that documents the known information of the situation. This helps to prevent rumors or misinterpretations from spreading to media outlets, keeps all responses in alignment, and makes it easier to field customer questions.

Step 5: Assess Your Risks

Identify the risks you might face under each plan so that, if it does backfire, you’re prepared for any additional losses. By being prepared for this, you’ll be ready for anything that goes wrong, with steps to recover faster.

Fulfilling your notifications

Once you have determined who will receive your crisis response notifications, it is time to fulfill your obligations.
Ensure every access point is covered by creating a notification system with Experian for direct emails, call center processes, and a landing page users can go to for fast information.

1. Notification Options

Notification requirements vary depending on the crisis at hand and your customers’ preferred method of contact. Some common examples include:
- Paper mailings
- Email notification
- Web announcement
- Phone calls

You may also consider a multipronged approach, which includes email or paper notifications, supported by a website FAQ and a call center where consumers can get more information.

2. Outbound notification and inbound response management

Experian offers sufficient phone, website, and application capacity to absorb the spikes of crisis volume on top of normal operating volumes. This service includes address validation, delivery that covers 100+ countries, reporting and analytics of the notification channels, and a dedicated account manager that oversees the entire process.

3. Experienced team of agents

Our team of dedicated account managers has serviced over 50,000 incidents, delivered over 30 million print and email notifications each year, and developed a comprehensive range of products for every need. We stay with you as a resource throughout the crisis process and work with you to recover, repair, and protect your business for the future.

No one ever expects a crisis to hit, but when it does, it’s important to have a plan in place. Having a dedicated team who can help you navigate through difficult times is essential to quick recovery. At Experian, we understand the importance of customer trust, and we help companies recover from crises quickly. Our team of experts is available to help when you need it most.

Learn more about our Crisis Response Management services

____________________________________________

[1] Bain & Company. 2001. Prescription for Cutting Costs.
[2] Experian. 2019. Data Breach Consumer Survey.
[3] Deloitte. 2020. A crisis of confidence.

Published: April 7, 2022 by Michael Bruemmer

What if there was a way to assess your data security readiness before a breach happens?

Imagine the worst thing that could happen to your organization. Your system is hacked, exposing proprietary and confidential information including upcoming projects and consumer data. Consumer identity theft incidents skyrocket under your name. Competitors begin to take notice and pounce on their opportunity to move into your customer base. Your employees begin to fear for their job security, and your consumers fear for their financial safety.

With so much at stake, you need to have a solid plan in place before a data breach occurs. The best way to improve your organization’s cybersecurity is by conducting data breach simulation, which means testing yourself for vulnerabilities before threat actors do.

Verizon’s Data Breach Report shows that 85% of breaches involved a human element, while only 3% involved vulnerability exploitation.[1] Unfortunately, humans are prone to error. According to the results of Terranova Security’s 2020 Gone Phishing Tournament, almost 20% of all employees are likely to click on phishing email links.[2] Verizon’s report also found that stolen or misused credentials were responsible for 61% of data breaches. The most dangerous passwords to have stolen are those that provide privileged access to your organization’s networks. It is critical to have a password manager to protect your assets.

Experian offers data breach simulation and breach response exercises that test your digital defenses. We will assess what you can do before, during, and after a simulated attack to enhance your response plan.

Before:
- Consider how often you want to run these tests. They can take place once a year, every six months, quarterly, monthly or any other desired frequency.
- Determine if you want to use in-house staff or hire external teams to conduct the exercises.
- Research potential threat actors who are most likely to target your industry and compile a list of possible aims and methods for each one.
- Identify targets and also non-targets — resources that are off-limits.
- Form clear objectives. For example: Infiltrate a specific business network, steal the credentials of the IT administrator, and exfiltrate financial data.
- Define the parameters of the plan by determining where the simulated attacker got their information (i.e., insider information or public knowledge) and what they would know.

During:
- Launch the attack (Example: send a phishing email to get a victim to install malware through a link)
- Monitor both physical and digital access points
- Take note of departments and staff that are most likely to be targeted in an attack.
- Assess internal threats and openings for security breaches.

After:
- Review the incident response plan with a gap analysis: Did an internal employee make the error of opening a malicious email attachment? Did the simulated attacker gain access to an area they shouldn’t have been in? Did any alerts go off in the process, or fail to go off? Was physical security able to stop threats on the ground?
- Rank vulnerabilities and weak spots in order of which need to be fixed first.
- Test the changes by repeating the attack to see if the problem has been solved.

The best way to fight a threat actor is to understand their methods and fix your vulnerabilities before they can be exploited. Through data breach simulation attacks, you can find out where your weaknesses lie before an actual attack takes place and let the assessment inform the development of risk mitigation strategies and action plans.

For more information on how you can protect your business from data breach threats, visit us at Experian Data Breach Resolution. Experian has the tools and resources you need to stay ahead of the curve in today’s digital world.

Visit our website

[1] Verizon. 2021. 2021 DBIR Master’s Guide.
[2] Terranova Security. 2020. Gone Phishing Tournament.

Published: April 4, 2022 by Michael Bruemmer

Data breaches are becoming more common, and you need to be aware of the risks to effectively protect your business. A breach of consumer data can destroy the trust you have built with your consumers. When your company’s revenue relies on your reputation, consumer trust is your greatest asset. Below are five data breach statistics that you should know, along with some tips on how to protect your company.

1. There were 1,862 data breaches in 2021, breaking the previous record[1]

This number surpasses both 2020’s total of 1,108 and the previous record of 1,506 set in 2017. Eva Velasquez, president and CEO of the Identity Theft Resource Center, called the number of breaches “alarming” and went on further to say, “There is no reason to believe the level of data compromises will suddenly decline in 2022.”

The rise in breaches underscores the urgency for organizations to ensure compliance with regulations like the California Consumer Privacy Act (CCPA) and HIPAA to properly secure data (or face hefty fines). This is made more challenging as organizations struggle to adapt to more remote work practices while trying to manage the massive amounts of data they hold. Practicing good cyber hygiene is essential to protecting your and your consumers’ personal information.

2. Ransomware attacks in the U.S. alone accounted for 30% of all cyberattacks last year[2]

At Experian, we’ve seen an even higher occurrence of 59% of the events serviced in 2021. These types of events have nearly doubled in the last two years, and at this rate of growth, ITRC said ransomware will surpass phishing as the top cause of data breaches in 2022. Ransomware events take, on average, over 20% more time to begin, which means more lost time and money for your organization.

3. The average ransom demand was $5.3 million, which is a 518% increase from the 2020 average of $847,000.[1]

A data breach not only costs your organization money, but also your time, resources, and reputation.
Hackers are getting smarter and more sophisticated with their attacks and demands, making it harder for organizations to respond effectively. Experian’s 2019 Data Breach Consumer Survey Report revealed that if you are breached, consumers want to know about it within 24 hours.[2] If you do not have a response plan in place, a mass notification in an emergency can overwhelm your resources and damage the trust you have built with your customers.

4. 95% of cybersecurity breaches are due to human error[3]

Most data breaches can be prevented if you take the right precautions. The best way to avoid a data breach is by providing your employees with proper training, such as phishing awareness. This will help them identify any malicious emails or websites that might expose company information and reduce the likelihood of your organization being hacked. In addition to employee training and awareness programs, organizations should look to bolster their cybersecurity measures with tools like threat detection, multi-layered defense mechanisms, and routine security audits to identify vulnerabilities before bad actors do.

5. 90% of consumers are more forgiving of companies that had a response plan in place prior to the breach.[4]

If your organization does not have a response plan in place, it could be game over for your brand. A significant number of survey respondents (81%) would stop engaging with a brand online following a data breach.[5] The expectation from consumers is that a company is always responsible for protecting data. Building consumer trust is key to maintaining lasting customer relationships and managing your company’s bottom line. Should a breach occur, it’s critical for organizations to effectively manage the breach with a comprehensive incident response plan to mitigate the impact on your customers.

Unfortunately, data breaches are a problem that is here to stay. At Experian, breaches are our business.
We know ransomware breaches have more complex FAQs, letter versions, and increased call center escalations. Learn more about our Reserved Response solution [1] Identity Theft Resource Center. 2021. 2021 Data Breach Report. [2] Verizon. 2021. 2021 Data Breach Investigations Report. [3] Palo Alto Networks. 2021. Extortion Payments Hit New Records as Ransomware Crisis Intensifies. [4] Experian. 2019. Data Breach Consumer Survey. [5] Cybint Solutions. 2020. 15 Alarming Cyber Security Facts and Stats. [6] Experian. 2019. Data Breach Consumer Survey. [7] Business Wire. 2019. 81% of Consumers Would Stop Engaging with a Brand Online After a Data Breach, Reports Ping Identity.

Published: March 14, 2022 by Michael Bruemmer

Experian has been a sponsor of the Annual Ponemon Data Breach Preparedness Study for nine years. During this time, I’ve seen companies change their operations to address the influx of increasing threats and evolve their infrastructure to prepare and react. Although I’ve had a front-row seat in this fast-changing situation, somehow, every year, the results of this study still surprise and intrigue me.

Speaking of Infrastructure, Let’s Talk Supply Chains

The 2022 report explores the value of Business Continuity Management (BCM) and Crisis Management plans to minimize a data breach’s consequences. This topic is similar to one highlighted in our 2022 Data Breach Industry Forecast, which echoes that companies and organizations should expect these two areas to gain momentum, a finding based on predictions that natural disasters will continue to complicate supply chains. Also, the Forecast indicates that infrastructure cyberattacks will increase among the electrical grid and transportation networks.

This Year’s Surprise

Given all that we know and have gathered about data breaches over almost a decade, it was shocking to learn that this year’s Ponemon study found that only 56 percent of organizations have a BCM plan, and 53 percent have a crisis management plan. I seriously thought those numbers would be significantly higher. It goes to show there’s much more opportunity, learning, and preparation to go around.

Cyber Threats and Third Parties

The 2022 report also demonstrated third parties’ role in data breaches. We saw that third parties in the supply chain were the cause of 50% of reported breaches, which increased to 53% when looking at only U.S.-based companies. This data point is critical because as dependence on third-party vendors increases to improve customer experience, adapt to remote work, or improve operations, companies need to be more diligent in checking the cybersecurity protocols of their partners. If not, vulnerabilities to cyber threats can increase. Also, a lack of adherence to ever-changing government regulations could cause legal troubles.

I’ll close with one last point I found interesting: While 91% of organizations have data breach plans in place, only 56% require an audit of third parties, exposing them to a breach. This information illuminates the point that companies need to consider all facets of their business when planning for a data breach – that’s one thing that shouldn’t come as a surprise.

Published: February 14, 2022 by Michael Bruemmer
