Responding to 2023’s Alarming Rate of Cyberattacks

In this article, we'll examine 2023’s unprecedented number of cyberattacks, explore the leading causes behind them, and discuss what you can do to predict and prevent breaches from happening in the first place.

The first half of 2023 saw a surge in data breaches across the US. From healthcare to financial services and beyond, organizations in all sectors are dealing with unprecedented levels of cyberattacks that threaten their systems, reputation, and bottom line.

According to an H1 2023 Data Breach Analysis by the Identity Theft Resource Center, there were 1,393 data breaches in the first half of 2023 – more than were seen in any individual year between 2005 and 2020, except for 2017. While 2021 and 2022 saw more than 1,393 data compromises, that number is only from the first six months of 2023. Furthermore, there have been over 350 compromises per quarter since the fourth quarter of 2020. It therefore seems reasonable to assume that the final full-year tally for 2023 will top 2021’s record of 1,862 data breaches.

Data breaches by sector

The first half of 2023 saw a dramatic uptick in data breaches across all industries, with healthcare being hit the hardest. Meanwhile, financial services firms experienced almost double the number of breaches compared to H1 2022. Neither of these findings are shocking when you consider the potential payoff for cybercrimes in these two sectors. Successfully attacking a financial services organization means tapping directly into financial information, while the patient information stored by healthcare systems can be sold for a lot of money on the black market.

The stakes are high no matter the industry, though healthcare has the added vulnerability of needing to protect patients — not just from data exposure, but from life-and-death consequences. Ransomware is an all-too commonplace threat in the healthcare industry, and represents most organizations’ biggest nightmare. Putting solutions in place for ransomware mitigation is, and should be, top priority for most healthcare organizations.

Ultimately, investing in robust security is essential for all businesses, no matter the industry. Implementing tools to help prevent data breaches, and preparing a remediation plan in case a compromise does occur, are essential to survive in today's digital world.

The leading causes of cyberattacks

To protect themselves against data breaches, organizations need to try and understand the causes of cyberattacks. Unfortunately, most data breaches are linked to a “non-specified” cause. While organizations are sometimes hesitant to reveal the source of a data breach, a “non-specified” cause usually reflects an inability to determine the definitive cause of an incident.

We do know, however, that phishing and ransomware are the most common known vectors of attack. According to the same Identity Theft Resource Center report, malware attacks in H1 2023 increased by 89% compared to the same period in 2022. Although advanced security solutions are the best way to prevent cybercrime, employee education is also key. Training employees on the various sources of cyberattacks and the warning signs to look out for can go a long way towards prevention. This is particularly true for phishing attacks, which use psychology to take advantage of employees.

On predicting and preventing data breaches

The US experienced an extraordinary number of data breaches in the first half of 2023 and appears to be on track to reach a record number of incidents for the full year. Organizations need to take proactive steps to safeguard their systems and their future.

The good news is that organizations now have access to a range of resources and technologies that can help them predict and prevent data breaches. For example, identity management services improve both security and productivity with automated tools for granting, revoking, and monitoring user access – be it internal, external, or third-party. The right combination of monitoring tools, AI-powered analytics, and expert insight will flag unusual behaviors and suspicious activities. Thus, organizations are warned of potential avenues of attack, and individual users who may pose a threat. As the old saying goes, an ounce of prevention is worth a pound of cure.

By investing in digital identity solutions and employee training, businesses will be much better equipped to handle data breaches in 2023 and beyond. It's essential that organizations take an active role in protecting themselves against cyberattacks by focusing on both preventive measures and preparing remediation plans in case a breach should occur.

More good news

In addition to the technologies available to help mitigate data breaches, the tech available to investigate and remediate breaches has come a long way. In fact, despite the unprecedented number of data breaches in the first six months of 2023, far fewer individuals were impacted by data compromise compared to the same period in 2022. True, 156 million individuals affected in just six months is alarming, but it’s nowhere near the 424 million individuals impacted in 2022.

Appropriate identity and access management tools will secure all of your user identities and their access to your systems and resources. If one individual’s credentials are compromised, bad actors will only have access to the small slice of the pie that single individual can access. When red flags are raised, these tools also make it easy to promptly revoke access to keep unauthorized users out. Furthermore, being able to audit and document user activity simplifies investigations and speeds up remediation time – these tools may even help prevent a data breach from occurring in the first place.

Determine how effective your cybersecurity strategy is by taking our digital identity maturity assessment, and receive actionable advice on ways to improve.