The Verizon Business 2011 Data Breach report was issued this week and we were not surprised to learn that theft of personal credit card information declined in 2010. This was due in large part from saturation within the market of this information as a result of breaches throughout years previous.
Without tooting our own horn, this is a case of “we told you so.”
Since we haven’t seen massive breaches like we did a few years ago, the number of new card numbers available through sell dumps is going down. This means that we could see a rise in prices again, which could mean more breaches as supply goes down and demand stays constant.
We may be fooling ourselves about the effectiveness of new security measures and the impact of law enforcement’s recent busts of high-profile hackers like Albert Gonzalez. This could be a false sense of security.
Really, what is likely to be happening here is that hackers aren’t focusing on stealing card data because the economics of it just aren’t very rewarding. As we see, cards cancel and expire and those old stockpiles will become less valuable, and as prices rise at the sell dumps the economic incentive for hackers to steal card data again may mean that we’ll see more breaches.
As the old saying goes, when one door closes another opens. And as our compliance officer Markiyan Malko recently stated, “mobile is the moving target right now.”
The report states that we’ll see an increase in theft of data from mobile devices over the next two years. And we’re not arguing that. As the report points out, up until a year ago CxOs were technology indifferent, but with the release of the iPad they now want the ability to use them within the enterprise, so they do and security must meet these growing demands. Until it does, mobile devices (iPads, smartphones, etc.) will be ripe for the picking.
We’ll be curious to see what next year’s report brings and if once again we were right on the money with our predictions.