Cybersecurity is a constant concern for businesses of all kinds, and no organization or industry is safe from attacks, data breaches, and other related issues. Threat actors hold no preference and show no clemency in who they go after, and the easiest targets are often those less capable of putting up an adequate defense. But despite threats to cybersecurity being a wide-reaching issue that affects virtually every business, some industries are currently more impacted than are others by cyberattacks. Let’s examine these here to highlight the state of cybersecurity across multiple sectors.
The healthcare industry continues to be one of the most targeted by cybercriminals. This is an alarming trend on multiple fronts, affecting millions of patients and numerous providers and organizations. According to a new report released by IBM, healthcare data breaches are the most costly across all industries, with an average damage impact of $10.10 million per incident. The financial damage caused by these breaches is apparent and that average impact amount continues to rise. This number is nearly a 10% increase from 2021, showing how much of a problem cybersecurity issues have consistently been in recent years while indicating that total costs of a breach are likely to continue an upward trajectory. Healthcare has been the sector with the highest data-breach-related financial impact for over a decade, with related issues spreading far and wide.
The financial damages of compromised cybersecurity are not the only issue surrounding healthcare as vast troves of patient personal information are also at risk, potentially compromising the security of millions. Attackers often gain access to health records and other valuable personal information that they can use to commit future fraud during a healthcare-targeted attack. In March 2022 alone, there were 30 different data breaches on healthcare organizations that affected 1.5 million people. And these breaches are not affecting just larger providers – ransomware attacks on smaller healthcare providers in recent months resulted in compromised personal health information on tens of thousands of patients.
Small and Medium-Sized Businesses
Data breaches and other cyber issues affecting large, big-name organizations get most of the media attention. Still, the risk of cyberattack for small- and medium-sized businesses (SMBs) can be daunting. SMBs often don’t have the same security teams or budget to handle a direct attack or data breach effectively, leaving their day-to-day operations and much more in a vulnerable position. Some owners of small business still don’t think that they are a primary target, and this false sense of security opens more potential problems. Hackers looking for an easy target often go after smaller businesses because the perpetrators know that proper security measures can be lax, and they are likely to get away with an attack.
Over the last two years, data breaches among SMBs have increased over 150%, which is likely to rise as 2022 is already becoming a banner year for small business cybersecurity issues. Running a small business is challenging even when things are operating smoothly, but a data breach can prove disastrous when measures are not in place to limit its effects. Over half of the SMBs in the US experienced some sort of cyberattack in 2021, and roughly 60% of them go out of business within six months after experiencing a cyberattack, according to the US National Cyber Security Alliance. Despite alarming statistics like these, only a fraction of small businesses are actually equipped to deal with a cybersecurity incident in the first place.
Education and Higher Learning
Education-based technologies were pushed to adapt to the unique circumstances surrounding the COVID-19 pandemic. A shift to remote learning happened quickly and is now a normal aspect of education at nearly every level. This reliance on developing technologies has also left schools and universities worldwide more vulnerable to cyberattacks. The education industry experiences the highest number of malware encounters by a wide margin. Much of this malware appears as adware and spam, but ransomware incidents on schools and colleges are increasing.
Personal information is the typical target for cybercriminals attacking schools and universities, with this data stolen and used to commit identity fraud or sold through nefarious channels. Ransomware incidents are on the rise, and they often cripple daily operations that shut down learning opportunities for students. These incidents don’t usually result in huge ransom payouts, but the total cost of resolving an attack in the higher education sector averages nearly $1 million more than the cost for private sector businesses. Colleges and universities often don’t effectively back up their systems, which increases the total cost of recovery in the long run.
The financial impact is a definite risk, but even more disturbing is the fact that bad actors have stolen the personal information of many thousands of children by attacking public schools. This potentially threatens the future livelihood of innocent kids through no fault of their own, setting them up to be victims of fraud and identity theft before they even understand what these issues are.
Financial institutions have the second highest data breach cost behind the healthcare industry at $5.97 million per incident. The highly sensitive information and data associated with personal finances stretches the impact far beyond the cost of cleanup and restoration after an attack. Banks, lenders, and other financial services businesses store large amounts of sensitive information that cybercriminals see as an incentive for nefarious action. Access to this data gives them the ability to commit fraud, demand ransom, or flat-out steal from regular consumers using affected financial services.
The evolving digital transformation is part of what makes financial institutions a top target for cyber attackers. Conveniences such as mobile banking are leading to more scams and security issues, and large banks are continually hit with data breaches and ransomware incidents. Login information, social security numbers, and other highly valuable personal information sit within the servers of nearly all financial institutions, making them a high-reward target in the eyes of hackers.
LibertyID provides full service, fully managed identity fraud restoration to its subscribers. With a 100% success rate in resolving all 31+ forms of identity fraud. LibertyID Business Solutions provides Business fraud remediation, full pre-breach preparation with custom WISP protocols, post breach regulatory response, customer, and employee identity fraud restoration management, advanced employee training and third-party vendor management tools.