Study: Cost, Likelihood of Breaches on the Rise


Every day it seems as if another data breach has occurred or a new strain of malware has been discovered, and recent research by two leading institutions seems to back up this notion.

According to a report by the Ponemon Institute, the average cost of an organizational data breach in 2014 is $5.4 million, increasing almost $1 million from last year. If more expensive data breaches aren’t bad enough, Cisco’s 2014 Midyear Security Report has found that new exploit kits are appearing and that attacks against point-of-sale (POS) systems are on the rise.

The Cisco study analyzed more than 2,000 published vulnerability reports from the first half of 2014 to track trends in cyberattacks, exploits used and the changes occurring in the security landscape as new technology is introduced.

Of the vulnerabilities studied, 28 were found to be actively exploited and in urgent need of patching. The Midyear Security Report discovered that Java remains the most commonly exploited type of software, as 93 percent of Web exploits originated from a Java-based system.

IoT, POS systems most at risk
The study went on to say that the growing Internet of Things trend is also posing an increasing threat as it continues to create new vulnerabilities for cybercriminals to exploit. The IoT is causing major shifts in the security landscape as it increasingly connects people, processes and data, making connected devices attractive targets for hackers. And the IoT network is only going to get bigger as, according to Cisco, it is expected to grow by 50 billion connected entities over the next six years.

Another trend recognized by the report was that of malicious actors targeting POS terminals. As retailers increasingly utilize payment systems that are connected to the Internet, they are more likely than ever to be targeted as they offer a convenient point of access.

Cisco researchers also noted in the study that the pharmaceutical and chemical industries were most likely to be targeted by phishing campaigns and email attacks, and were in the top three sectors at risk for encountering malware. Media and publishing was shown to be the top industry for malware events. Overall, 94 percent of customer networks observed in this year’s report were found to have traffic going to websites that were known to host malware.

As both studies prove, it is more important now than ever to protect against cyberthreats and take steps to ensure enterprise security. Employing techniques like two-factor authentication to protect company networks and email security to defend against phishing campaigns is an easy and reliable way to increase security and prevent a data breach.


Entrust provides identity-based security solutions that empower enterprises, consumers, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's identity-based approach offers the right balance between affordability, expertise and service. With more than 125 patents granted and pending, these world-class solutions include strong authentication, physical and logical access, credentialing, mobile security, fraud detection, digital certificates, SSL and PKI.


Add to the Conversation