In our latest research endeavor, experts from RiskRecon, a Mastercard Company, dove into 10 years of publicly disclosed breach events to offer lessons and insights to cybersecurity professionals from those occurrences. In this post, we look at a breakdown of industries impacted by breach events between 2012-2021.
Healthcare and educational institutions reported the highest rate of breach events, with over 17% reporting at least one breach from 2012 to 2021. The public sector didn’t fare so well either, with 15.4% of government entities experiencing a breach. On the other end, the finance industry did quite well, considering the massive threat pressure they face, with 3.9% of monitored companies publicly reporting a breach.
Every industry experienced a higher breach rate in 2021 than in 2012. In 2021, utility companies reported 14 times more compromises than they did in 2012. Hospitality reported 9.5 times more, professional services 5.2 times more, and media 3.7 times more. Indeed, cybercrime has come to roost in industries beyond the traditional favorite target of finance.
The charts below show the percentage of companies breached each year by industry.
RiskRecon Risk Management Insights: Industry sectors that were largely ignored 10 years ago are now publicly reporting breaches more frequently than traditional targets. Utilities, hospitality, education, professional services, governments, and media all had at least a 300% increase in publicly reported breach events. The utility industry went from a breach rate in 2012 of 0.16% to 3.5% in 2020!
Risk managers would be wise to update their industry-specific cybersecurity risk models. Those using old data will dramatically underestimate breach event frequencies.
Check back soon for most risk management insights and analysis from RiskRecon!
