We live in a 24/7 news cycle and today’s headlines are forgotten tomorrow.
Only significant cybersecurity incidents make major news outlets, so I wanted to share a list of the top organizations that had publicly reported cyber incidents last year.
First, here are some statistics on cyberattacks: 93% of all attacks attempted to destroy data, 16% of firms attacked could not recover data from their backups and 21% of organizations that paid ransoms still could not recover their data — the loss was permanent.
Major healthcare company, McLaren, with annual revenues of $6B, recently reported the theft of 2.2 million patient records. This list is only a fraction of the number of actual attacks reported.
Companies: Freeport-McMoRan, Lumen Technologies, Johnson Controls, Procter & Gamble, Cornerstone Energy Services, SK USA, Boeing, American Airlines Pilot Association, Brunswick, Dish Network, Dole Food Company, Estée Lauder, Tempur Sealy International, Saks Fifth Avenue, Cornwell Quality Tools, NCR, NSF’s NoirLab, Sysco Corporation, Delaware Life Insurance Company of New York, Clear Spring Life and Annuity Company and Mortgage Industry Advisory Corporation.
Healthcare: PharMerica, Prospect Medical Holdings, The Chattanooga Heart Institute, Tampa General Hospital, Idaho Falls Community Hospital, Lehigh Valley Health Network, Murfreesboro Medical Clinic & SurgiCenter, Morris Hospital & Healthcare Centers, Richmond University Medical Center and Singing River Health System.
Education: Stephen F. Austin State University, Pearland Independent School District, St. Landry Parish Schools, Lake Dallas Independent School District, Lumberton Independent School District, University of Michigan, Bunker Hill Community College, Cambridge College, Cleveland City Schools, Chambersburg Area School District, Chattanooga State Community College, Community School of Naples, Curry County, Edmonds School District, Gaston College, Lebanon School District New Hampshire, Lewis & Clark College, Minneapolis Public Schools, Morehead State University, Northeastern State University, Oklahoma City University, Pacific Union College, Prince George’s County Public Schools, San Luis Obispo County Office of Education, Savannah Technical College, Sweetwater Union High School, Tennessee State University and University of Hawaii.
Government: City of Dallas, City of Nassau Bay, Baton Rouge Metropolitan Airport, George County, Atlanta Postal Credit Union, Adams County Communication Center, City of Hayward, City of Oakland, City of Waynesboro, City of West Jordan, Forsyth County, King County Sheriff’s Office, Langlade County Sheriff’s Office, Montclair Township, Town of Cornelius, U.S. Marshals Service and ZooTampa.
Several multibillion-dollar, publicly traded firms are listed along with major cities, universities, school districts and even the U.S. Marshals Service. These entities have IT staff to protect this data, yet they still experience breaches. My goal is for you to be aware that cybersecurity training and defenses are as important as safety training, processes and equipment. The world’s threats are constantly evolving, so the safety measures you use for your personal or business data must evolve at a faster rate than bad actors can create new attack methods and vectors.
What you did last year is insufficient. For instance, we used to believe that multifactor authentication was foolproof, but we now know that even it can be compromised. Therefore, the question isn’t if you will have an attack. Instead, these are the questions to consider: When will the attack occur? What early warning systems do I have to limit the attack? What is my incident response plan? When did I last test my plan? How many layers of recovery do I have? How long can systems be unavailable? How long would it take to recover the data or restore operations? How much time or money would be lost if an attack occurred, not to mention customers or reputation?
OMNIPOTECH has successfully helped companies from myriad industries manage and protect their critical and proprietary data, including banking, healthcare and industrial services.
For more information, visit omnipotech.com or call (281) 768-4308.
