The UK’s competition regulator has revealed that it was targeted by more than 150 data breach (opens in new tab) incidents in the past two years.
Despite online cybersecurity (opens in new tab) hitting headlines on a daily basis, many organizations in the private and public sectors continue to suffer cyberattacks. Now, the Competitions and Markets Authority (CMA) in the UK has confirmed that across 2019 and 2020 there were 81 cases of unauthorized disclosure of information, while 40 devices were lost or stolen.
Given the role that the CMA plays within the UK business landscape, any information that falls into the wrong hands could be hugely damaging for the organizations concerned. In its regulatory role, the CMA handles internal business reports, email communications, and other sensitive data, which malicious actors could ultimately profit from.
- We've built a list of the best endpoint protection (opens in new tab) services out there
- Check out our list of the best antivirus (opens in new tab) services around
- Here's our list of the best disaster recovery (opens in new tab) software on the market
Defending your data
Despite the sensitive nature of the information handled by the CMA, it seems that its data loss prevention (opens in new tab) safeguards are not working as well as they could be. The number of breaches that have taken place over the last two years is more than the 145 recorded across 2017 and 2018, indicating that its defences are in need of improvement.
Fortunately, there has been no indication that any of the CMA’s investigations were compromised by the breaches, although five of the incidents were reported to the UK’s data regulator, the Information Commissioner’s Office. Three of those even lead to procedural or technical changes being implemented to prevent similar incidents from occurring in the future.
The admission suggests that government agencies need to strengthen their data breach protection policies in the face of increasingly sophisticated cyberattacks, as no matter how security-conscious an organization is, data breaches can and will occur.
Often they are accidental, with personnel being tricked into sharing sensitive information or misplacing company data. Using security hardware keys (opens in new tab) or secure USB drives (opens in new tab) can be helpful in some cases, but often employee security training is the best method for bolstering cyberdefences.
- Here's our list of the best ransomware protection tools (opens in new tab) right now
Via Bloomberg (opens in new tab)