Organisations concerned about the spread of new security attacks and compromises will get a real-time view into the current threat profile after security firm SafeNet launched a centralised, global database of breaches classified and analysed according to their level of urgency.
The SafeNet Breach Level Index (BLI) aggregates information about major and minor data breaches into a single interface that allows users to get a better picture of the current threat environment.
Data from incidents recorded during 2013, which have already been loaded into the BLI based on publicly available information, includes details of over 1000 breaches in which more than 575 million data records were lost or stolen. This equates to 1.57 million records stolen every day of the year, or 18 records stolen every second.
Of those, 32 breaches occurred in Australia and New Zealand, representing a total of 42.1 million lost records.
Detailing and classifying security breaches helps bring a level of understanding to the threat profile that has been lacking in the past, according to SafeNet. “Not all breaches are created or should be treated alike," said Prakash Panjwani, senior vice president and general manager for data protection with SafeNet, in a statement.
"The Breach Level Index helps us track and differentiate between an insecure breach, in which customer data is compromised and lost, and a secure breach, where data is stolen but cannot be deciphered by cyber criminals because it is encrypted, rendering it useless to them."
Of the attacks in the BLI database, 57 per cent were caused by malicious outsiders, while accidental loss accounted for 27 per cent of breaches and malicious insiders, 13 per cent.
Hacktivists accounted for just 2 per cent of data breaches, with state-sponsored activity less than 1 per cent.
Healthcare and government records were the most frequently targeted, accounting for 31 per cent and 17 per cent of data breaches, respectively, with financial (15 per cent), technology (11 per cent) and retail (8 per cent) rounding out the top five.
And, while healthcare and government sectors saw the most data breaches, it was the technology and retail sectors that saw the most records exposed (43 per cent and 28 per cent of all records, respectively). Financial records were the most popular target for hackers, accounting for half of all data records exposed.
The BLI emerged from a SafeNet collaboration with analyst firm IT-Harvest that resulted in the creation of an algorithm that the BLI uses to analyse multiple inputs and determine the relative severity of each breach on a scale of 1 to 10. Factors affecting that ranking include the data type, number of records stolen, breach source, and whether or not the high-value data remained secure after the breach was discovered.
“Based on several factors," Panjwani said, "the Breach Level Index will assign a numerical score to indicate the severity of a given breach, and that number will be significantly lower if the organisation in question has successfully limited itself to a secure breach and maintained the integrity of its confidential data.”
The recent high-profile hack of US retailer Target, in which 110 million records were breached, currently holds the number-one spot while the September breach of Adobe Systems (152 million records), December breach of Turkey's Supreme Election Committee (54 million), Cupid Media (42 million) and Korea Credit Bureau (20 million) round out the top five worst attacks on the BLI database.
Follow @CSO_Australia and sign up to the CSO Australia newsletter.