Incident & Breach Response , Security Operations , Standards, Regulations & Compliance
How Can We Get Better Visibility Into Data Breaches?
James E. Lee of ITRC on the Need for Transparency, UniformityThe Identity Theft Resource Center's data breach report for the first half of 2022 says approximately 40% of data breach notices do not list the root cause of the compromise. “Unknown” is the top cause of data breaches for the first time since the ITRC began tracking their causes.
See Also: Cyber Insurance Assessment Readiness Checklist
James E. Lee, the non-profit company's chief operating officer, says we need to watch this trend "to make sure we don't slip into a period where, when we need more information, organizations that are losing control of data give us less information."
Lee urges organizations to share information. "We need to get a better handle on how many people are actually being impacted by this and the actual number of data breaches … because until we do that, we can't really make a dent in reducing the number," he says.
In a video interview with Information Security Media Group, Lee discusses:
- Trends from ITRC's "H1 2022 Data Breach Analysis" report;
- How we can gain better visibility into data breaches as well as the impact of ransomware;
- The impact of the U.S. government's recent legislation to make it mandatory for critical infrastructure organizations to report all cyber incidents.
Lee is a data protection and technology veteran. He is the former executive vice president and company secretary of Irish application security company Waratek and former senior vice president and chief marketing officer for Atlanta-based data pioneer ChoicePoint, which is now LexisNexis. He also chaired two working groups on identity management and privacy for the American National Standards Institute. Prior to joining ChoicePoint, Lee served as a global public affairs and communication executive at International Paper Company.