Cyber attacks threats are arguably the most significant dangers organizations face – but as we explain in this blog, the problem is worse for some sectors than others.
After our sister company reviewed more than 1,000 publicly disclosed security incidents in 2020, we’ve highlighted the five sectors most vulnerable to cyber-attacks.
1. Healthcare and health sciences
For the second year in a row, the healthcare and health sciences sector was the most vulnerable to cyber security breaches.
IT Governance recorded 240 publicly disclosed incidents in the sector, which equates to 21% of all recorded breaches.
The healthcare sector isn’t inherently more vulnerable to breaches, but there is tighter regulatory pressure in the sector.
The healthcare sector is among the strictest, with the HIPAA (Health Insurance Portability and Accountability Act) mandating that a data breach must be reported within 60 days if it affects 500 or more people.
That’s still more lenient than the GDPR (General Data Protection Regulation), where any breach that poses a risk to people’s rights and freedoms must be disclosed within 72 hours, but it provides comparatively more transparency to the data protection landscape.
This is especially important, given that healthcare breaches may reveal more than just names and addresses, but also medical issues that can affect victims’ reputations.
2. Public sector
IT Governance recorded 205 data breaches in the public sector, which equates to 18% of all reported incidents.
It shouldn’t come as a surprise that public-sector organizations are popular targets for cybercriminals. So, given that they provide essential services and collect vast amounts of personal data.
Local government, in particular, has been under severe strain, with criminals favoring ransomware attacks designed to cripple administrative processes, including tax services, welfare systems, and property maintenance.
There were also many instances of government employees inadvertently leaking data. The most common way this happened was sensitive information emailed to the wrong person.
Similarly, there were several cases where multiple people were Cc’d into an email, rather than Bcc’d, meaning everyone in the chain could see who else received the data.
3. Cyber Attacks Technology
IT Governance recorded 158 data breaches in the technology and media sector, which equates to 14% of all incidents.
Although the number of incidents was comparatively low, the extent of the damage per breach was astronomical. Those incidents accounted for 3.3 billion breached records, almost three times as many as the healthcare sector (1.2 billion).
This is perhaps to be expected, as organizations in the technology and media sector tend to collect a greater number of records on customers. So, depending on the nature of their business, may include location-tracking data, IP addresses, and biometric data.
These kinds of details generally pose a lower risk than, say, financial or medical records. But they can still prove useful to attackers.
For example, an IP address is linked to a physical location, which helps criminals tailor their scams.
Organizations should also note that with some details – such as biometric data – the threat is equally about the affected individual’s privacy as it is about the possibility of fraud.
4. Cyber Attacks Education
IT Governance recorded 157 data breaches in the education sector, which equates to 14% of all incidents.
However, these incidents were more extensive than the healthcare sector and public sector, which should be a big concern.
That’s because the majority of these records involved children’s data, which is subject to specific protections under the GDPR.
The most common cause of data breaches in schools was ransomware. Without the resources to adequately protect their systems, and with strong pressure to remain operational, schools faced a barrage of attacks in 2020.
5. Retail and leisure
IT Governance recorded 101 data breaches in the retail and leisure sector, which equates to 9% of all incidents.
Those incidents accounted for 592 million breached records, with incidents occurring in a variety of ways, befitting the broad nature of the sector.
Some of the larger disclosed incidents involved breaches of online stores, with criminal hackers gaining unauthorized access to personal and financial data.
Others were the result of vulnerabilities in booking systems, with sensitive information leaked online. Hotels, travel agencies, and online services were among those that fell victim in this way.
Cyber attacks Maintaining Skills You’ll Need to Be Successful
Before you decide to hire a guard, be sure each candidate possesses these important security guard skills. For even more qualities a successful security guard should have, read more here.
You can’t put a price on the security of your business. Hiring a security guard is the smart thing to do, while security systems have a role to play; they can’t protect humans in emergencies.
If you’re looking for a commercial security company to protect your business then look no further than Lighthouse Security Service. The company is a licensed/insured private security agency that provides protection to many companies, hotels, and so on. Our security services are having in-depth training to handle various scenarios that can come up on the job.
Make your business protected by contacting Lighthouse Security today and get assistance with any of your business’s security needs.
