Eva Velasquez, President and CEO
Identity Theft Resource Center
The Identity Theft Resource Center (ITRC) has been analyzing data breaches since 2005 to better understand the importance of cybersecurity and to assist victims of these incidents. Consumers and companies are suffering from these breaches in the business, travel, financial, healthcare and more industries. In their most recent report analyzing the data from 2018, they evaluated more than 1,200 data breaches that were publicly disclosed. Last year large corporations, government agencies and online businesses all fell victim to data breaches. These breaches exposed more than 446 million records of consumer personal identifying information (PII). With companies and consumers suffering from the impact of these incidents, it’s time to focus on what professionals in the industry can do to help.
While many data breaches are caused by the immoral practices of hackers and thieves, they can also be caused by the negligence of employees or malfunctions in security systems. Anti-fraud professionals should follow best practices when it comes to cybersecurity and never get too comfortable with their established practices. As hackers and scammers continue to evolve in the way they obtain PII, we must also continue to improve upon cybersecurity standards and implementations.
Practitioners also face the issue of evolving with the way we work. Corporations and governments are often behind or slow to adapt when it comes to new technologies or solutions. We cannot settle for or rely on old practices when the way individuals work has changed drastically in the last five years. Employees now work remotely or from mobile devices, and have access to the web from their employer’s property. We need to ensure safety when any of these options are involved in the way we work.
Finally, we need to help others help themselves and their employers. By administering educational courses, conducting regular testing and talking about recent exposures, we can help safeguard against human error and discrepancies. Phishing scams and malware attachments are just a couple of the regular practices we should warn employees about and teach them how to handle.
On top of preventing data breaches, industry professionals need to do a better job of reacting to breaches when they inevitably happen. By providing more insight into what data was breached and how, we can help victims deal with the potential harms and the industry to build stronger security practices together.
By creating security policies with hackers and employee behaviors in mind, we can lessen the risk of data breaches and protect sensitive information from being exposed. Implementation and education around these policies can help prevent data incidents in the workplace. To learn more about data breaches and how to protect your data against potential threats, check out the ACFE’s upcoming training events or visit idtheftcenter.org.