Kroll Data Breach Report: Less-Regulated Industries TargetedBrian Lapidus and Heather Williams Discuss Key Findings
The number of data breach notifications jumped 140% in 2020 from the previous year, with a surge in attacks against less-regulated industries, according to Kroll's 2021 Data Breach Outlook.
When they targeted less-regulated industries - such as food and beverage, construction and agriculture - attackers were "making some assumptions that they are lacking some best security practices that would help them reduce the risk of a cyberattack," says Brian Lapidus, global practice leader for Kroll's identity theft and breach notification practice.
Heather Williams, associate managing director of Kroll's cyber risk practice, notes cybercriminals "are really kicking it up a notch" to target industries "that are still critical to our infrastructure but may not be the ones that are the most mature and have much budget to spend on closing gaps in their security."
In this joint interview with Information Security Media Group (see audio link below photos), Lapidus and Williams discuss:
- The industries that saw the largest increase in data breaches in 2020;
- The impact ransomware extortion attacks had on the number of data breach reports;
- Data breach trends so far in 2021.
The Kroll 2021 Data Breach Outlook is based on more than 1,000 breach responses that the company managed from January 2019 through April 2021.
Lapidus is the global practice leader for Kroll's identity theft and breach notification practice, a division of Kroll's cyber risk practice.
Williams is the associate managing director of Kroll's cyber risk practice. She has nearly 15 years of industry experience.