Not a Member? Get access to HR news and resources that you can trust.
Here is how HR can help prevent the missteps that could cost your company big in court.
Is your employee handbook ready for the changing world of work? With SHRM’s Employee Handbook Builder get peace of mind that your handbook is up-to-date.
60+ new SHRM Seminar dates in 10 U.S. cities and virtually.
Expand your influence and learn how to become an effective leader -- Join us in Phoenix, AZ, October 2-4, 2017.
Verizon data breach report identifies effective ways for HR to fight cyberthreats
When it comes to data breaches, “nine basic patterns make up 92 percent of security incidents,” according to the Verizon 2014 Data Breach Investigations Report, released April 23.
Those patterns, experts said, will help organizations fight cyberthreats.
“After analyzing 10 years of data, we realize most organizations cannot keep up with cybercrime—and the bad guys are winning,” said Wade Baker, principal author of the report series. “But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically,” he stated in a media release.
“Organizations need to realize no one is immune from a data breach. Compounding this issue is the fact that it is taking longer to identify compromises within an organization—often weeks or months—while penetrating an organization can take minutes or hours,” he said.
Cyber criminals are especially keen on targeting HR data.
“An employee’s employment history, any derogatory or personal information, financial information, or personally identifiable information all have value to someone,” said Eric M. Fiterman, founder of Spotkick, a Washington, D.C.-area cybersecurity company, to HR Magazine in “Keep Cyber Spies Out” (July, 2013).
That’s not all. A stolen medical identity has a street value of $50, while a stolen Social Security number sells for about a dollar, according to Kirk Herath, chief privacy officer at Nationwide Mutual Insurance Co. Yet most people don’t protect their medical information as diligently as they protect their Social Security number.
HR professionals must be vigilant about protecting employee data, experts said.
According to the Verizon report, the nine threat patterns are:
Verizon began publishing the data breach report in 2007. Researchers this year analyzed more than 1,300 confirmed data breaches and more than 63,000 reported security incidents. For the first time, the report “includes security incidents that don’t result in breaches, in order to gain a better understanding of the cybersecurity landscape,” according to the media release.
Throughout the 10-year range of the study, the number of data breaches has risen from 400 to more than 5,900. Fifty organizations from around the world, including Verizon, contributed data and analysis to this year’s report.
Aliah D. Wright is an online editor/manager for SHRM and author of A Necessary Evil: Managing Employee Activity on Facebook, Twitter, LinkedIn … and the Hundreds of Other Social Media Sites (SHRM, 2013).
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Your session has expired. Please log in again before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Join SHRM's exclusive peer-to-peer social network
SHRM’s HR Vendor Directory contains over 3,200 companies