BitSight Offers Valuable Insight Into Breach Trends

Alex Campanelli | August 17, 2018

Over the last several months, members of our product team have been working to aggregate all of BitSight’s security ratings data and highlight important insights about patterns in data breaches. In fact, BitSight boasts one of the largest data breach data sets. Of course, this only highlights what data BitSight has visibility into; with the largest sinkholing infrastructure in the world and the security posture of over 130,000 organizations, we have the most comprehensive view into global breach trends.

BitSight’s data highlights the number of breaches captured in the last six months on a global scale. In April of this year, breaches spiked with 80 separate occurrences. These trends can help prompt companies to identify critical areas in need of remediation and are an important indicator for the future.

BitSight also looks at breaches by severity within the three BitSight Security Ratings categories over the last 30 days, noted by color, implicating X amount of records lost. Companies are classified by rating as basic, intermediate, or advanced. Overall, there are more breaches of higher severity in the basic and intermediate security rating categories, which makes sense as previous BitSight studies have shown — and have been independently verified — that companies with a BitSight Security Rating of 500 or less are 5X more likely to suffer a data breach than a company with a 700 or higher.

When examining breaches by category type (over all time), web applications lead with over 1,200 different breaches. According to the 2018 Verizon Database Industry Report (DBIR), web application breaches are the most common type of breach — they occurred over 20% of the time among all breaches in 2017-18.

Finally, BitSight breaks down the frequency of breaches (over all time) by industry. This is a particularly important insight when understanding the problems that certain industries encounter: the healthcare industry uses certain medical devices that are not always up-to-date and therefore easier to hack for protected health information (PHI). BitSight’s data shows that healthcare leads the industry breach breakdown with over 1,000 breaches. Verizon’s DBIR also confirms that healthcare leads all industries in breach frequency, with over 500 breaches happening in the last year.

BitSight’s breach data provides valuable insight into the current threat landscape. By helping customers understand where vulnerabilities lie within certain industries (or what certain organizations should guard against when evaluating their security posture), BitSight Security Ratings can help organizations think strategically about proactively mitigating the risk of breach both internally and in their supply chain.
