
Details

  • Service: Advisory, Risk Consulting
  • Type: Audio, Business and industry issue, Survey report
  • Date: 11/02/2013
  • Length: 11:38 Minutes

Data Loss Barometer 2012 - Exclusive Preview Webcast 

Data Loss Barometer 2012

 

Listen to Martin Jordan, Head of KPMG’s Cyber Response Team, discuss the findings of the report below.


Transcript:

Slide 1

 

Hello all and welcome to the webex of the KPMG 2012 Data Loss Barometer.
 
The KPMG Data Loss Barometer 2012 exposes some of the latest trends and statistics for globally lost and stolen information in 2012 as well as a view of trends over the last five years.
 
Over 82 countries are represented in our barometer in 2012, with over 96 countries represented over the last five years. The report reveals causes of data loss, types of incidents, as well as specific trends by sector.
 
Over the next 15 minutes I will take you through the highlights of the report.
 
We will explore the industries at greatest risk and suggest reasons as to why certain types of threat are on the increase.
 
Finally, we will conclude with some suggestions on how to prevent data loss, discussing mitigating controls.


Slide 2

 

No text

 

Slide 3

 

Now for a look at the breakdown for 2012.
You can see from the infographic that no sector is immune, from law and healthcare to financial services, although the figures would suggest that financial services has improved dramatically. This should not come as a surprise to us given the focus the regulator has shown over the past years.
The healthcare industry, which had previously struggled between 2010 and 2011, has shown dramatic improvement in 2012.
 
More positive news was also seen from within both companies and public sector organisations, whose efforts to tackle security from the inside look to be bearing fruit, as internal security breaches more than halved from 435 in 2011 to 198 in 2012. However, the cost of human carelessness and systems errors still accounted for 4% of data loss, and physical theft of PCs, hardware and mobile devices accounted for 11% of all data loss this year.
 
“Several of the world’s largest companies have been targeted over recent months by hackers who have grown in sophistication. It is now not just a lone hacker sitting in their bedroom but, in many cases, serious organisations backed by nation states who are leading this new phenomenon.”


Slide 4

 
Over the past five years, more than 1 billion people globally have been affected by data loss incidents. In the last two years, there was a jump of 40% in the publicly disclosed data loss incidents. Given the SEC disclosure requirements in the US, this should not come as a surprise.
On the right hand side the graphic shows that hacking represents a whopping 65% of all types of data loss over the past 5 years. Sadly, this figure increased to 67% in 2012, and I do not see this upward trend slowing as our ability to detect malicious activity on our networks increases.
We feel that this is only the tip of the iceberg; these statistics typically only include incidents where there is an obligation to report or where the breach has entered the public domain. Incidents which involve the loss or theft of commercial data that does not relate to individuals go largely unreported. Hacking is now widespread and the attackers range from the intellectually curious through to sophisticated nation states; the targets range from safety-critical processing systems through to price sensitive deal data.
The graphic on the left hand side highlights the technology sector as a hotspot for data loss.

Whilst the technology industry over the last five years has had fewer incidents than the top 5 worst performing industries (Government, Healthcare, Education, Financial Services and Retail), the percentage of people affected by the technology incidents remains highest, accounting for 26% of the total number of people affected between 2008-2012.
The technology industry is also at greatest risk from third party incidents, suggesting it is an active target of external malicious perpetrators.


Slide 5

 

Taking a broader look across industry we can see that hacking is a common theme of data loss.
One point to note is that whilst overall we have seen social engineering fall, the insurance industry appears as the sector at greatest risk from social engineering attacks and system/human error incidents, ranking #1 with 33% and 25% of all incidents respectively accounted for by this sector.
Within industrial markets data loss is dominated by hacking and malware – quite often both are inextricably linked, with remotely delivered/deployed malware being the weapon of choice for modern hackers who want to maintain that stand-off capability.


Slide 6

 

Surprisingly, for the first time over the last five years, the threat from malicious insiders has dropped from an average of 24% in previous years to an all time low of 6.5% in 2012. This may be explained by enhanced internal governance controls, education, culture and leadership investments.
If we look at portable media, the loss of DVD/CD is on the increase, as well as mobile devices.
A key headline is that despite a fall in reported incidents between 2009-2010 compared to 2008, the trend has reversed, with a higher number of incidents reported in 2011, and total incident numbers in 2012 almost back up to similar levels as 2008.

 

Slide 7

 

Taking a global view, the US jumps out as the major source of data loss worldwide.
This is understandable from a regulatory point of view, as listed companies in the US must disclose to the SEC if they suffer a breach,
but also understandable from simply the number of consumers in America.


Slide 8

 

No text

 

Slide 9

 

Looking forward to future trends, as I mentioned before, we expect to see an increase in hacking related data loss incidents simply due to the fact that most corporates now recognise that their network may already be compromised. This is the first step on the road to detection, quantification and ultimately eradication, but this will take a few years.
As a case in point, KPMG see on average a 4% botnet infection rate when we perform network intrusion analysis – botnets are used by criminals and hackers alike to extract data from networks. None of the botnet related malware we discover is recognised by traditional antivirus controls, so we expect this infection rate to rise along with associated data loss.
The use of mobile devices is rising at an alarming rate; Facebook reported a rise in mobile access users of 67% between 2011-12, rising from 325 million devices as of June 2011 to 543 million devices as of June 30, 2012. This will start to have an impact on us all as more companies move to a “choose your own device” model.
We live in a market where regulators are becoming increasingly intolerant of data loss; we feel it's just a matter of time before mandatory reporting of data loss will be enforced across Europe, not just for personal data but for company sensitive data as well.

Many of our clients are already preparing for regulatory change and are deploying new technologies and processes to detect and react to loss.

 

Slide 11

 

Tactics for combating data loss – as hacking is on the increase we need to adjust the way we think of data loss – it's no longer accidental.
Take a position. Who are your enemies and what are their motivations? What tools and techniques will they use and what will the impact be?
Select your defences. Remember policy before technology. The controls you put in place for hacktivists could be quite different to those for state-sponsored corporate espionage. Know what threats you are going to defend against – if you try to prevent them all it gets very expensive.
Get the basics right. Fundamental security weaknesses such as patching are still an issue. Unpatched and out-of-date software has known vulnerabilities that leave you susceptible to attack. Review the amount of data leaked online and through metadata in public facing documents; these are easy pickings for hackers performing reconnaissance on your network.
Fit an alarm system. Many of us live with cyber alarm systems which were deployed using 10 year old technology. Antivirus and firewalls are not sufficient defences against sophisticated attacks. If you think you are at risk, you need to get a better monitoring system and do a network compromise analysis to uncover evidence of any breaches, and you will need specialists to analyse the output and respond to attacks.
Behaviour and education. Make sure that your contractors and those in your supply chain recognise what the threats are and how to spot something suspicious, for example what phishing attacks are and how they might be targeted. Educate everyone within the organisation about the value and sensitivity of the information they possess and how they can protect it physically and online. Back up employee training with procedures and a corporate culture that takes the security of information seriously.

 

Slide 12

 

Security Consultancy of the Year two years running – 2011 and 2012
Winner of MCA Strategy Award for security project
Full range of capabilities, from assessment to £25 million+ transformation programmes
Over a hundred people in the UK, over 1,700 globally
The only Big 4 firm authorised to assess security in critical UK government systems
A market leading thought leadership capability through I-4, the International Information Integrity Institute

 

Slide 13

 

Last slide: contact details

 

Martin Jordan KPMG

martin.jordan@kpmg.co.uk

 

Director KPMG LLP
+44 7768467896

 

KPMG Cyber Index
www.kpmg.com/uk/cyberindex

 
