2018 Data breaches – Have slowed down since last year but still high

2018 Data breaches – Have slowed down since last year but still high

Though 2018 hasn’t reached half way, the number of data breaches thus far in the US through to March 27th has seen more than 250 data breaches, with more than 5.4 million records exposed. In comparison to last year there has been a decline of 36% during the same period of time which saw 392 data breaches, according to the Identity Theft Resource Center as reported by 247wallst.com. Whilst this certainly is an improvement, by no means should businesses and organisations get complacent as cyber criminals often seek out the easiest targets and this may just mean that a different attack method or approach will be sought instead.


In terms of industries targeted so far this year, the business sector has been compromised the most with 107 incidents. These compromises have exposed 3.4 million records. The second most targeted industry is the medical/health care sector, with 67 data breaches, of which 780,000 records have been exposed.  Even though the business sector has been targeted more, medical/health data on the black market is considered more valuable to cyber criminals, as there are many more lucrative ways to use it fraudulently.


Incident Response Plan

Even though in the US reported data breaches are down, businesses should prepare for the worst case scenario and have a plan. One of the most important steps that a business should consider is creating, maintaining and distributing a detailed Incident Response (IR) plan. This is a formal document, which should contain the following important information:


  • Definition of the parties within an organisation who are responsible for security and the maintenance of the IR plan
  • Breakdown of potential breach scenarios that are relevant to the business
  • Description of the specific actions that need to be taken in the event of a potential breach. This should include clear definition of responsibilities for those taking specific actions
  • Complete list of parties who need to be contacted and importantly, how they can be contacted. This should include information related to whether out-of-hours cover exists and if not, what actions should be taken in the event of a security incident occurring at these times
  • Definition of any third-parties who may be relied upon, contacted or otherwise involved following a breach, for example managed service providers of network/security systems


Care should be taken, throughout the creation of the IR plan, to make sure that the material contained within it, is relevant and specific to the business(es) it will be supporting. In many cases, a poorly thought out IR plan can be more of a hindrance than a help, especially at a time when clear-thinking and the speed of response to a breach can be critical. Here at Sysnet we have developed an Incident Response Plan that can be shared, download it here.



Many business find security and compliance complicated, Sysnet’s Proactive Data Security services provides support and tools that guides smaller businesses through cyber security and compliance. Our white labelled services not only reduce risk but also provide a healthy alternative to non-compliance fee revenue for your organisation. To learn more about Proactive Data Security click on the request a call back form below.


Like this Article?

Subscribe to receive more tips & news about Cyber Security, Compliance and a lot more!

  • Sysnet Global Solutions will use the information you provide on this form to be in touch with you regarding non-promotional as well as promotional material by email and phone. If you agree to same, then please select the ‘I consent’ box after reading the terms and conditions listed below in relation to consent. You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, update your preferences for communications, content etc. by clicking on the update my preferences button in any email we send you or by contacting us at marketing@sysnetgs.com We will treat your information with respect. For more information about our privacy practices please visit our website. By clicking below, you agree that we may process your information in accordance with these terms. We use Pardot as our marketing automation platform. By clicking below to submit this form, you acknowledge or agree that the information you provide will be transferred to Pardot for processing in accordance with their Privacy Policy and Terms