igor - Fotolia
UK organisations are being overwhelmed by security breaches, with the number of incidents reported to the Information Commissioner’s Office (ICO) nearly doubling in a year.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
The increase was due mainly to people disclosing data in error, such as accidentally emailing a customer database to the wrong recipient, and breaches by malicious outsiders.
The FOI request also revealed that financial firms were most at risk of costly fines by the ICO, attracting over a third of all penalties levied, despite being accountable for only 6% of all reported breaches.
Other sectors got off more lightly, indicating that breaches in the finance industry were of a more severe nature.
Healthcare and local government organisations reported the highest volume of incidents to the ICO, with 941 and 202 recorded breaches in the past year, respectively.
But, despite a reputation for poor performance in previous years, local government showed some signs of improvement compared with many other sectors, with the number of security breaches rising by only 14%.
Overall, 70% of all incidents reported by government bodies were due to disclosure of data in error, which suggests reducing or identifying possible signs of human error or anomalous activity should be a priority, said Huntsman Security.
UK utilities firms reported just two breaches to the ICO over the past 12 months, but given the high value of these firms as targets, that is unlikely to be the full picture.
Huntsman Security warned that was likely the case across the board, and there were almost certainly many more unreported or undetected breaches.
Barrage of cyber threats overwhelm security teams
“The average organisation is subject to multiple breaches, of which only some will be detected, so the figures reported to the ICO are likely to be understated,” said Peter Woollacott, CEO of Huntsman Security.
“The root of the problem is that organisations are under such an intense barrage of cyber activity that threat alerts, many of which turn out to be benign, are overwhelming cyber security teams. There is simply too much data to analyse and verify manually,” he said.
Peter Woollacott, Huntsman Security
Genuine threats require immediate attention, said Woollacott, but frequently the investigation of benign and even false alarms wastes valuable time and resources.
Verizon’s DBIR 2016 gave a clear illustration of this problem, he said, revealing that while 84% of attacks compromise their targets in days or less, under a quarter are detected within that timeframe.
“Quite simply, no news is bad news; if breaches aren’t being detected, it most likely just means security analysts are having difficulty finding the needles in the haystack,” said Woollacott.
“To help them see through the noise generated by security alerts, organisations must find a way to automate threat verification and eliminate the wasted effort that results from false alarms,” he said.
Detect cyber threats through artificial intelligence
Woollacott is among those in the security industry advocating greater use of machine learning technologies to identify otherwise “invisible” threats.
“Security analysts can easily identify those that really matter, and as a result, significantly reduce their time at risk from cyber threats. This in conjunction with automation and streamlining the incident management process means that organisations can put themselves, the ICO and the wider public at greater ease that our data is safe in their hands,” he said.
Huntsman Security has patented key aspects of behaviour anomaly detection to detect anomalies in real time and so provide early warning of cyber threats, data leakage, malware and fraud.
Artificial intelligence (AI) and machine learning-led cyber security technology was in the spotlight at two major industry conferences in Las Vegas in 2016, signalling a firm trend in cyber defence research.
According to UK information security startup Darktrace, cyber security will be mainly automated based on AI in future.
“We believe we are the only ones at the moment focusing only on learning from the behaviours of people and systems within the business rather than on algorithms that look for known types of attacks,” Darktrace co-founder and director of technology Dave Palmer told Computer Weekly.
Read more about artificial intelligence
- Socially aware general-purpose AI in the form of a dog could be the ideal form factor to take over the world.
- The UK government has announced plans to allow driverless cars to be used on public roads.
- A computer program has made history by passing the AI test set by computer science pioneer Alan Turing.
- Smart systems like IBM’s Watson, autonomous vehicles and a growing army of robots are quietly making more decisions every day.