The United States led the world in data breaches last year by a large margin, according to an analysis released Wednesday. Nearly half, 47.5 percent, of announced data breaches in 2016 that exposed user data — and 68.2 percent of breached records — came from the U.S., according to Risk Based Security’s annual data breach report. IT security experts from Tripwire commented below.

Dwayne Melancon, Vice President, Products at Tripwire:

dwayne-melancon“The US is a leading world economy – and one of the most connected economies – so it isn’t surprising that nearly half of the world’s data breaches are in the US. A lot of organizations have gone after the “quick fixes” for information security, but that isn’t sufficient, as the results indicate.

Organizations that are concerned about breaches will benefit most from focusing on the foundational information security controls – that involves knowing what is on your network and how that’s changing; how your IT assets relate to the business; implementing a solid process to ensure your systems and applications are configured securely; understanding and managing vulnerabilities; and implementing a continuous diagnostic & monitoring process to keep your business safe.

The Verizon Data Breach Investigations Report states that most breaches could have been prevented through the use of fundamental security controls like these, but many organizations continue to neglect them. Until that changes, the US will remain at the top of the breach leaderboard.”

Tim Erlin, Sr. Director, Product Management at Tripwire:

tim_erlin“It’s important to note that the United States is also one of the largest economies in the world, so it follows that the country would experience proportionally more data breaches simply based on the fact that there’s more data to be breached.

The number of breaches in the US far outpaced other large economic players, indicating that this isn’t just about proportional opportunity for breach activity. Breach disclosure laws may have something to do with these numbers. It’s worth noting that both China and the Russian Federation, also representing very large economies, had far, far, fewer reported breaches; they also have far fewer breach disclosure laws.”