Cyber Security Cloud Releases Research Report on Personal Data Breach Incidents due to Unauthorized Access from October 2019 to September 2020

TOKYO, Oct. 15, 2020 /PRNewswire-PRWeb/ -- The ratio of Personal Data Breach Incidents by Industry

The research covered 50 medium-sized personal data breach cases with a damage scale of more than 1,000 cases and less than 1 million cases caused by unauthorized access and categorized the personal data breach cases into eight industries: manufacturers, retail, services and infrastructure, software and telecommunications, trading companies, financial services, advertising/publishing/media, and government/public offices/organizations, based on the information of the companies that announced the breach.

Retailers were the most commonly exposed to personal data breaches at 24%, followed by services and infrastructure at 22% and manufacturers at 18%. On the other hand, only 6% of breaches occurred in the financial sector.

    --  Ratio of Public Companies (including subsidiaries) and Private Companies
        in Data Breach incidents

We also measured the ratio of incidents at listed companies (including subsidiaries) and found that approximately 43% of the incidents occurred at listed companies. Among them, the manufacturing industry had the highest percentage of listed companies at 67%, followed by the software and telecommunications industry at 50% and the services and infrastructure industry at 45%.

    --  Comparison of the number of personal data breaches by industry

By industry, the retail industry had the highest number of personal data breaches at 926,002, followed by 594,753 in the manufacturing industry and 338,618 in the services and infrastructure industry, in proportion to the number of personal data breach incidents.

    --  Observation

According to the results of this report, the ratio of listed companies over unlisted companies in the data breach incidents is the highest in the manufacturing industry, and even among listed companies, there is a possibility that the measures against unauthorized access may be inadequate even for a listed company, and it is necessary to strengthen the measures for the entire group, including subsidiaries.

On the other hand, although only 25% of the retail industry is listed, the largest number of cases occurred in the retail industry, indicating that many of the victims were non-listed companies with inadequate security measures. According to a survey*1 released by the Ministry of Economy, Trade, and Industry in July 2020, the domestic consumer and business-to-business e-commerce market in Japan in 2019 will expand by approximately 7.7% to JPY19.4 trillion compared to the previous year, and the rate of conversion to e-commerce is on the rise. In the retail industry, many companies operate their own e-commerce sites and handle customer information, which can be a target for cyber-attacks.

The report also indicates that the number of cases and the number of compromises in the financial industry, where vulnerabilities in payment services and other industries have been attracting attention in recent years, are far fewer than in other industries. In the financial industry, where strong security is required, there are cases where users are directly affected by damage, so the number of cases tends to at least attract attention.

When a company suffers a cyber-attack due to unauthorized access, not only can it cause brand damage and loss of trust, but it can also incur unexpected costs to investigate the damage and, in some cases, compensate the company for damages. In addition, the revised Personal Information Protection Law will be enforced by June 2022, which includes stronger penalties such as raising the maximum fine for companies responsible for personal information leaks to up to US$1 million. To prevent such damage from occurring, it is important to review your company's cybersecurity policies and take countermeasures.

[Research Overview]

    --  Period: October 1, 2019 - September 30, 2020
    --  Target: 50 personal data breach cases with a damage scale of more than
        1,000 cases and less than 1 million cases caused by unauthorized access
        announced during the above period
    --  Method: Cyber Security Cloud Research

[Industry classification in this research]

    --  Manufacturer: Food, Agriculture, Forestry and Fisheries; Construction,
        Housing, and Interior Design; Textiles, Chemicals, Pharmaceuticals, and
        Cosmetics; Iron, Steel, Metals, and Mining; Machinery and Plants;
        Electronic and Electrical Equipment; Automobiles and Transportation
        Equipment; Precision and Medical Equipment; Printing and Office
        Equipment; Sports and Toys; Other Manufacturers
    --  Retail: Department stores, supermarkets, convenience stores, and
        specialty stores
    --  Services & Infrastructure: Real estate; railroad, aviation,
        transportation, and logistics; electricity, gas, and energy; food
        services; hotels and travel; medical and welfare services; amusement,
        leisure, and other services; consulting and research; human resources
        services; education
    --  Software and Communications: Software, Internet and Communications
    --  Trading company: General and specialized trading company
    --  Finance: Banks and securities, credit card companies, credit sales and
        leasing companies, other financial institutions, life, and non-life
        insurance companies
    --  Advertising / Publishing / Media: Broadcasting, newspapers, publishing,
        and advertising
    --  Government / Public corporation / Organizations: Public companies and
        organizations, government agencies

About Cyber Security Cloud, Inc.
With an aim to create a secure cyberspace that people around the world can use safely, Cyber Security Cloud provides web application security services worldwide using the world's leading cyber threat intelligence and AI technology. CSC is also certified as the 7th AWS WAF Managed Rules Seller in the world by AWS (Amazon Web Service) which boasts a 45% global cloud market share.*2

As a leading cybersecurity company, CSC plans to continue to strive to improve and develop new technologies and aim to be a company that can deliver effective security solutions to contribute to the information revolution.

*1: Market Research on E-Commerce (2019)
*2: Gartner (August 2020)???Worldwide Iaas Public Cloud Services Market Share, 2018-2019

SOURCE Cyber Security Cloud, Inc.