Page 2 - End of Year 16 Page Booklet QTY 50
P. 2

EXECUTIVE SUMMARY



             DATA BREACHES, THE NEW NORMAL AND A

             CALL TO ACTION FOR INDUSTRY



             The Identity Theft Resource Center has been tracking publicly-available disclosures of data breaches
             since 2005 and reporting on it regularly, thanks to our sponsor, CyberScout.  When we started,

             we knew it was important for us to aggregate this information, provide one central repository for

             analysis and obtain a greater understanding of this important part of our cybersecurity landscape,
             as well as inform us how we can better help identity theft victims.  Over the years, our methodology
             and our understanding have changed with the evolution of the types and severity of breaches.




             As our understanding of data breaches change, so too does the definitions and categorizations.
             Not all data incidents are categorized as a breach – this includes incidents of misuse. We have
             found the need to include the existence of these incidents, but not necessarily include them in

             our reporting.  Case in point, this year was the Facebook/Cambridge Analytica incident, which we

             currently categorize as data abuse and not a breach since users provided permission to the entity
             originally collecting the information.  This event shined a spotlight on the fact that not only are data
             breaches now a normal, everyday occurrence, but data abuses are becoming all to frequent.  For

             each incident that has been reported or that the ITRC has researched, how many more

             are simply continuing to occur unnoticed and unreported?  Unfortunately, the answer is
             far more than even experts in this space want to admit.
                                                                                                TAKE ACTION


             At the Identity Theft Resource Center, we speak with victims of data incidents on a regular basis.

             Helping address the confusion and true lack of understanding the affected person has about
             what each incident actually means is our paramount concern.  Simply handling these incidents
             on a case-by-case basis for an individual victim is not enough – they are becoming too common

             and affect too many people for us to attempt to provide answers to every impacted person through

             our call center.  The time has come for all of us – advocates, decision makers, and industry – to
             develop and use technology to our advantage and create systemic change.  Thieves upgrade,
             update, communicate and leverage technology to perpetrate their schemes – why aren’t we?








                         © IDENTITY THEFT RESOURCE CENTER 2019  |  IDTHEFTCENTER.ORG
                       © IDENTITY THEFT RESOURCE CENTER 2019  |  IDTHEFTCENTER.ORG
   1   2   3   4   5   6   7