Nothing to Fear but a Data Incident

For decades, it seems, public speaking was America’s biggest phobia. However, a recent study from Chapman University found that’s changed: Cyber-terrorism, corporate tracking of personal information, government tracking of personal information, identity theft and credit card fraud are now five of the top 10 fears held by Americans. Even a few of the other five fears tangentially relate to cybersecurity, with public speaking nowhere in the top 10.

And those cybersecurity fears are sound, as is evidenced by the ninth annual Data Breach Investigations Report from Verizon. The report also demonstrates that most breaches are not accomplished by accident. In fact, it begins with a single chilling statistic on the cover: 89% of breaches had a financial or espionage motive.

Verizon’s report looked at over 100,000 incidents from 2015 before trimming the dataset down to 64,199 incidents (security events that compromise the integrity, confidentiality or availability of an information asset) and 2,260 breaches (incidents that result in the confirmed disclosure of data to an unauthorized party) from 82 countries. Here are some of the things that caught our attention:

• The public sector had the most security incidents of any industry with 47,237 of the 64,199 reported.
• For data breaches, the financial industry took the top spot, with 795 breaches of the 2,260 accounted for in the report.
• Phishing, or a way to trick someone into opening a malicious attachment or link, continues to grow in popularity. This type of attack accounted for 9,576 of the 64,199 incidents and 916 of the 2,260 breaches. Phishing incidents increased approximately 90% since 2014.
• The security of credentials, such as user names and passwords, remains an area where improvement can be made. Default, stolen or weak passwords were to blame for 63% of data breaches.
• Two-factor authentication was stressed throughout the report. Simply having a single authenticating password is not enough. They likened a password to salt – “wonderful as an addition ­­to something else, but you wouldn’t consume it on its own.”

These are just a few of the facts and figures that stuck out. But of all the 85 pages included in the report, one single message rang out loud and clear: Hackers will target any and all industries, organizations and locations. No one is immune.

That’s the importance of cyber safety for digital transactions and electronic signatures can’t be stressed enough. When documents and data enter a digital workflow, including one that uses e-signatures, it is essential to protect your information. Make sure only the right people are granted access and safety protocols are firmly in place, such as:

• Public-key infrastructure technology: secure, standards-based cryptography to protect and sign documents.
• Document encryption: a process to make a document unreadable unless you have the key to view the document in its original form.
• Robust identity authentication: a method to prove that each individual who accessed a document is who he or she claims to be.
• Tamper-evident technology: the ability to track and prove whether someone changed something in the digital document, no matter how small.
• Complete audit trail: a comprehensive log that records every part of the e-signing process.

This just scratches the surface of security need-to-knows for digital transactions. As is inferred from this Verizon report, the deeper your security measures, the less likely you will become part of next year’s statistics.