Mitigating the Cyber Domino EffectExperian's Bruemmer on the Growing Toll of Multiple Breaches
The 'Cybersecurity Domino Effect' is a new term to describe the cumulative impact of multiple data breaches. How should organizations and individuals respond? Michael Bruemmer of Experian offers guidance.
The term was popularized in a recent Forbes magazine piece, and industry experts have subsequently adopted it. But Bruemmer foresaw this domino effect last fall, when he made his 2015 breach predictions.
"The idea is that the Internet of things and their interconnectedness would impact organizations once a breach occurred, or a number of breaches in succession," says Bruemmer, VP of Consumer Protection at Experian Consumer Services. "In my opinion, it simply means it's the wave of cybersecurity events and data breaches that would come and create a cumulative privacy and cybersecurity issue for organizations and individuals alike."
The direct impact on individuals? The risk of identity compromise from a succession of incidents that may not be directly related.
"PII that is compromised by one event can be combined with [that affected by] another event to cause additional harm," Bruemmer says. "And we're seeing that more often from our Fraud Resolution team as they try to help people."
And the impact on organizations only swells from there, he explains.
In an interview about the cybersecurity domino effect, Bruemmer discusses:
- The cumulative impact of breaches on individuals and organizations;
- The criticality of identity theft protection immediately following a breach;
- How to prepare to mitigate the impacts of this domino effect.
Bruemmer is VP, Consumer Protection at Experian Consumer Services, formerly Experian Data Breach Resolution. With more than 25 years in the industry, Bruemmer brings a wealth of knowledge related to business operations and development in the identity theft and fraud resolution space where he has educated businesses of all sizes and sectors through pre-breach and breach response planning and delivery, including notification, call center and identity protection services.