It’s probably fair to say that 2018 has experienced more than its share of data breaches. In fact, according to Gemalto’s Breach Level Index, the first half of the year alone saw 945 data breaches compromise an incredible 4.5 billion data records worldwide. A week seldom goes by in which a major data breach is not reported, while organizations the world over continue to strive to keep valuable data out of reach of an increasing range of threats.
From an EMEA perspective, the EU’s General Data Protection Regulation (GDPR) has compelled many businesses to elevate data protection processes, yet high profile breaches are still happening. The European edition of the 2018 Thales Data Threat Report believes that data is under siege across Europe, with 71 percent of European enterprises surveyed reporting that they have been breached, of which 32 percent have experienced a breach in the past year.
The report goes on to state that “the UK is the most breached country in cybersecurity terms,” with 67 percent of UK respondents confirming they had been victims of a security breach at some point in the past. Here are five of the most infamous security breaches that have occurred in the EMEA region over the past two years:
1 – FIFA
In November this year, approximately 3.4 terabytes of data and 70 million documents from FIFA, containing numerous allegations of corruption, were leaked to German magazine Der Spiegel by the Football Leaks organization.
2 – British Airways
Between Aug. 21 and Sept. 5, 2018, a data breach affecting 380,000 transactions occurred, involving an attack that took place on the British Airways website and the company’s app.
3 – Dixons Carphone
The UK-based electrical brands retailer admitted to a massive data breach that happened in July 2017, involving access to approximately 1.2 million customer records. Even worse was an attempt to compromise 5.9 million cards in the processing systems of Currys PC World and Dixons Travel Shops.
4 – NHS
In May 2017, a calculated attack was undertaken on not just the NHS, but also other organizations worldwide. Unfortunately, the NHS was the worst affected, with 47 Trusts breached by the malicious ransomware WannaCry, which restricts computer or network access and threatens to delete data within a certain time unless a ransom is paid.
5 – Wonga
The payday loan firm suffered a data breach in April 2017 that affected as many as 245,000 UK customers, including bank account numbers and sort codes.
One clear conclusion that we can draw from all of these data breaches is that attack vectors are constantly changing. Additionally, applications are forming the base of many of today’s organizations, which means that DevOps is becoming a true Software Production Line, and therefore, the importance of embedding security during the DevOps processes cannot be overlooked.
Vigilance has become everyone’s responsibility not just that of the CSO. With this in mind, and looking ahead to 2019, here’s a short wrap of how three of Forrester’s predictions for the cybersecurity industry may impact the European market specifically, as shared by senior analyst Paul McKay: