Over 40bn records exposed in 2021: Tenable
Over 40 billion records were exposed in cyber incidents during 2021, up nearly 78% from 2020, according to research from Tenable.
Based on an analysis of publicly disclosed information between November 2020 and October 2021, Tenable reported that there were 1825 data breach incidents during the year, up from just 730 in 2020.
The research found that 236 of the breaches analysed happened in APAC, with around 3.5 billion records exposed in the region — 8.6% of the global tally.
Meanwhile, during the year there were 21,957 common vulnerabilities and exposures reported, up 19.6% from 2020. From 2016 to 2021 the number of Common Vulnerabilities and Exposures (CVEs) increased at an average annual percentage growth rate of 28.3%.
Ransomware was a major driver of the increased threat activity, responsible for approximately 38% of all breaches and 31% of breaches in APAC.
Meanwhile, 10% of breaches in APAC were unsecured cloud databases, compared to a global average of just 6%. And while healthcare and education remain the most targeted industries worldwide, in APAC the technology industry and governments were the two top victims of breaches.
“In their 2020–2021 report, the Australian Cyber Security Centre (ACSC) emphasised how ransomware and exploitation of unpatched vulnerabilities were two key root causes of cyber incidents and data breaches among Australian organisations,” Tenable Staff Research Engineer Satnam Narang said.
“Our findings show a similar trend, in that most data breaches in APAC stem from the same origins, demonstrating the multifaceted threat landscape facing Australian security leaders.”
Narang added that the results demonstrate the additional security challenges associated with the rapidly transforming nature of the enterprise IT network.
“With many organisations accelerating their digital transformation and adoption of SaaS solutions, and the democratisation of hybrid work models, the nature of an organisation’s network has changed drastically,” he said.
“It is essential that security leaders focus on building a stronger understanding of all the potential attack paths on their systems, and leverage available security frameworks such as the Essential Eight, to bolster their cyber defences.”
Building a critical infrastructure security dream team
Today it's essential to have a strong cyber strategy, with all corners of the business aware...
The AI regulation debate in Australia: navigating risks and rewards
To remain competitive in the world economy, Australia needs to find a way to safely use AI systems.
Strategies for navigating Java vulnerabilities
Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...