Light Dark
December 1, 2021 By David Bisson 4 min read
Data Protection
Incident Response
Security Services

If you’re tired of hearing the words ‘data breach’, you’re not alone. It’s looking like 2021 might end up becoming the year with the most ransomware attacks on record. In August, SonicWall reported that the global ransomware attack volume had increased 151% during the first six months of the year compared to H1 2020. The security community witnessed a total of 304.7 million attempted ransomware attacks over the course of that period. That’s up from 304.6 million attack attempts for all of 2020. Those attacks included notable ransomware incidents such as the Colonial Pipeline infection, an incident which disrupted lives by causing gas shortages.

Such growth held steady into the third quarter of the year. According to SonicWall, ransomware attackers registered 190.4 million infection attempts in that time. This attack volume made Q3 2021 the quarter with the highest number of ransomware attacks on record. It almost surpassed the 195.7 million ransomware incidents seen in the first three quarters of 2020. That’s year-over-year growth of 148%, with 470 million ransomware attacks logged through September. SonicWall predicted 714 million ransomware attacks for all of 2021, a 134% increase over 2020.

Data Breach Stress

News of all these ransomware attacks, not to mention other types of security incidents, are stressing out users. That’s what Kaspersky learned in the process of conducting a 2021 survey. The results of the study reveal that news of data breaches stressed out 69% of respondents. (Americans and Canadians felt that pressure equally.) This figure is less than the 75% of survey participants who felt stressed by data compromise in 2018. After dropping to 68% the following year, those levels of stress remained consistent thereafter.

Meanwhile, 64% of digital users said they felt stressed by news of ransomware attacks in 2021.

In the course of conducting its study, Kaspersky discovered that users felt more stress from data breaches, ransomware and security incidents than they did from other events in their lives. To illustrate, 64% of respondents said that someone breaching their bank accounts would cause them the most stress in their modern lives. This was higher than what they said they would feel with life-changing events like losing a job (37%). Similarly, 40% of respondents revealed that losing their phone would be the biggest source of stress in their lives. This eclipsed what they said they’d feel in other events such as suffering a minor car accident and and missing a flight at 19% and 13%, in turn.

Enter Data Breach Fatigue

The sources of stress discussed above are a concern because users are people. As such, users can only handle so much stress before they begin using coping mechanisms. That’s how data breach fatigue enters into the conversation.

Data breach fatigue happens when companies and/or users become desensitized to news of data breaches. Apathy sets in from there. Security teams and users may choose not to take any action to strengthen their digital safety. They may become lax in keeping track of emerging threats. This can leave individual users and organizations more susceptible to data breaches themselves.

If they fall victim to a data breach or other security incident, organizations could suffer additional fallout from there. Watkins Insurance Group noted that consumers might lose their trust in a breached organization. Therefore, they might opt to not do business with them in the future.

There are also the damages that organizations could suffer in the process. In its Cost of a Data Breach Report 2021, IBM found that the average total cost of a data breach had increased 10% from $3.86 million in 2020 to $4.24 million a year later. Those costs varied somewhat depending on organizations’ level of security maturity and whether they added AI, automation, zero trust, the cloud and other initiatives into their strategies. But that general price tag surpasses what most small businesses can afford. When coupled with reputation damages, these financial costs explain why three-fifths of small businesses close their doors within six months after suffering a data breach.

A Lack of Security Awareness

To be fair, not all people are confident they can ensure their own digital security. So, everyday users can’t always take meaningful action on news of a data breach. Just 17% of respondents told Kaspersky that they considered themselves to possess expert or advanced knowledge about digital security. Nearly half (46%) said their knowledge of digital security didn’t extend beyond that of a beginner. That’s down from 52% in 2019. However, it’s still greater than those respondents who felt themselves to be experts in the millennial and Gen X groups at 26% and 12%, in turn.

This lack of knowledge doesn’t always translate into not being able to spot potential attack attempts. About seven in 10 respondents trusted they could spot a malicious SMS text message, for instance. That’s the same proportion of respondents who felt they could identify a spear phishing email. Even so, it could help to explain why users don’t always take steps to protect their information.

How to Protect Against a Data Breach

Fortunately, users don’t need to be experts to protect themselves. They just need to get real with their digital safety.

With that knowledge, users can take certain actions to reduce their stress that comes with digital attacks. Locking down their accounts with multi-factor authentication, freezing their credit reports and reviewing their bank accounts for unauthorized activity can help to bolster their digital defenses. Those measures won’t prevent users from falling victim to a data breach. It will help them to launch a quick response and contain the incident’s impact if and when that ever occurs.

 |  |  |  |  | 
David Bisson
Contributing Editor

More from Data Protection
March 27, 2024

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

March 12, 2024

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

March 5, 2024

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature