Ideagen Cybersecurity report suggests huge decline in breaches over the last 12 months
United States listed businesses have reported a sharp decline in cyberbreach disclosures in 2022, according to the latest Ideagen report, leaving some experts to suggest the cyber criminals might have their focus in other places.
The latest report, "Trends in cybersecurity breach disclosures - a 12-year review", using data from Ideagen Audit Analytics shows a sharp 36% decrease in disclosures in 2022 at 125 disclosures compared to 195 the previous year.
Some experts such as Vince Warrington, Founder of Protective Intelligence, say this could be due to cyber criminals having their focus diverted elsewhere: “All of Russia’s cyber resources are focused on the Ukraine conflict at the moment, so we’re seeing less of them attacking businesses in the West.”
Despite the decline in reporting numbers, businesses are taking their time to inform the markets of cyber breaches according to the latest analysis, taking more than two weeks longer than in 2021.
In terms of the types of breach being disclosed, phishing, ransomware and malware breaches continue to drop. However, breaches described as ‘unauthorized access’ continues to be the biggest rising trend having skyrocketed in 2022, with unauthorized access contributing to 69% of disclosed breaches during the year, compared to just 48% in 2021 and 32% in 2020.
93% of compromised data was personal with name (77%), social security number (62%) and bank account details (36%) which doubled in 2022 and was the highest banking information had been in a 12-year period.
However, changes introduced by the Secrurities Exchange Commission (SEC) due to come into force in December this year will see a huge shake up in the way data is disclosed. Current reporting regulations impose an obligation to disclose certain types of risks and incidents that could have a material impact, which would possibly include a cybersecurity incident if deemed to have a ‘material impact’. The new rules refer specifically to ‘cybersecurity incidents’
Click here to access the full report including:
- Trends relating to types of cybersecurity breach disclosures filed with the SEC from 2011 - 2022.
- Analysis on the cybersecurity breach time frames from discovery to disclosure windows.
- Type of information compromised, and records lost in attacks disclosed.
- Top five costliest breaches from 2011-2022 and 2022 cybersecurity breaches exceeding 1 million dollars.