In 2012, over 267 million data records were compromised in 2,644 reported security incidents, up 117% from the previous year. The majority of breaches occurred in the business sector, accounting for 85% of incidents and over 60% of records exposed. Hacking was the most common breach method, while malware and physical attacks were also significant risks. A skills gap in information security staffing has emerged as a major issue, with over 80% of organizations finding it difficult to hire qualified professionals and over 90% believing staffing issues increase security risks. Training for existing employees is important to address accidental insider breaches from user error and close skills gaps that threaten organizations' ability to implement effective security defenses.

1. SECURITY
Identify and plug the security skills gap
The business sector accounted for
Incidents by sector
Business
85%
of information security breaches in 2012
Records exposed by sector
Business
60.6%
Government
Government
17.9%
Education
Education
12.0%
Medical
84.7%
Medical
9.5%
12.6%
1.6%
1.1%
THE ISSUE
⅔
senior IT executives
are concerned about
data privacy and
information breaches
In 2012, more than 267 million
data records were compromised in
2,644 reported incidents - up 117%
over the previous year
There are 50,000
victims of cybercrime
every hour
ATTACK
Hacking was the number
one breach type for the second
consecutive year in 2012
DEFENCE
Most common techniques
How breaches occur
0100101010010101
1000101001001111
01001010100101010100101010010101
0100101010010101
1000101001001111
Hacking
(81%)
Malware
(69%)
Physical
attacks
(10%)
Social
tactics
(7%)
THE SKILLS GAP
!
89% say that having qualified
information security staff is a
top priority
92% say staffing issues
contribute to heightened
risk levels
Firewalls
Privilege
misuse
(5%)
?
In 2012, where insiders
were responsible for data
breaches, 56% of incidents
were accidental - the
result of user error and
inadequate training.
Antivirus
Data
encryption
80% believe it is difficult
to find and hire staff that
fit all requirements
Intrusion
prevention
Monitoring
technologies
Do you know how to
identify and fill the skills
gaps in your organisation?
READY TO STAY SECURE?
In an industry that's constantly
changing, you need to help your
people to stay ahead of the game
As The Chartered Institute for IT,
we're always up-to-date with the
latest trends
© BCS, The Chartered Institute for IT, is the business name of
The British Computer Society (Registered charity no. 292786) 2013
We can develop your employees’
skills so they can make decisions
critical to your business
Contact us on
+44 (0) 1793 417755
or visit enterprise.bcs.org
and help your team
meet the demands
of tomorrow.
Sources: ‘Data Breach Overview: An Executive’s Guide to Data Breach Trends in 2012’, mobistealth.com, floridatechonline.com,
siliconrepublic.com, ‘Surviving the Technical Security Skills Crisis’ - Forrester Consulting on behalf of IBM,
‘IT Executives Vision’ - IDG Research Services conducted for HP for 2020 (May 12), ISC Global Information Security Workforce Study 2013