Lax cybersecurity remains a concern for many firms.

As many as 45% of firms worldwide have had a data breach of some sort in the preceding 12 months, according to new information released by Atlas VPN.

A survey of more than 4,000 businesses worldwide, which varied in size from 50 employees up to nearly 5,000, showed that a surprisingly large proportion declared they’d lost information to hackers or by another means. The survey was conducted by Kaspersky, a major antivirus provider and troubleshooter for malware, whose research arm attempts to raise awareness of the issue of malware.

Companies surveyed included those across five different sectors: financial services, government, manufacturing, IT and telecommunications, and the retail and wholesale industry.

What each of those sectors reported was that significant cyber threats happen all the time. 

Data breaches happen all the time

“Data breaches exposing millions of personal records are becoming the new normal,” says Rachel Welch, chief operating officer of Atlas VPN, which analysed the data collected by Kaspersky and B2B International. The data showed that IT and telecoms companies were most likely to have been susceptible to a loss of data. In all, 53% of IT companies said a data breach had occurred on their watch in the previous 12 months.

But they were far from alone. Retail and wholesale companies – who handle large amounts of customer data, and are in charge of key supply lines of goods and services that keep the world running – also said they had fallen foul of data leakage of some sort or another.

A staggering 52% of them said they’d encountered an issue in the last year.

Manufacturing and industrial customers were least likely to have fallen foul of hackers or to have had a data breach, with just 43% of them reporting an issue. However, that still remains incredibly high – and for governments, tasked with keeping the data of their citizens safe, the sieve was no less leaky. In total, 46% of government bodies who responded said they’d lost precious data on people, or business critical information in the past 12 months.

Owning up to data breaches is important

Disclosure of data breaches is vital if and when they happen. “Sadly, not all businesses report breaches, thus leaving their customers in danger of identity theft or financial fraud,” adds Welch. Being proactively aware that a person’s data is potentially in the hands of cybercriminals puts them in a better position to be able to mitigate against the risks that can result from knock-on issues.

Of course, the best situation to be in is one where no data breaches happen at all. That, however, requires significant cyber awareness, and good practices when it comes to the hygiene of accounts and access to key critical information.

“I would advise every person to use 2-Factor Authentication (2FA) on any services that offer this option,” advises Welch. “For other services and websites, change your passwords consistently, at least every quarter.”

Regrettably, it seems very few businesses are bothering to try and protect their data with the seriousness that the situation deserves. Of the businesses surveyed by Kaspersky, 78% declared some form of cyber threat in their network in the last year. Such incursions into IT systems, wreaking havoc on all that they encounter, can be very costly: on average, a cyber incident causes $312,117 in damages.