SEATTLE (1/26/15)--More than 90% of data breaches that occurred in the first half of 2014 could have easily been prevented, according to the 2015 Data Protection Best Practices report from the Online Trust Alliance (OTA).
The nonprofit organization, which has a mission to "enhance online trust," analyzed more than 1,000 breaches involving the loss of personally identifiable information in 2014.
It found that 40% were the result of external intrusions, 29% were caused by employees due to a lack of internal controls, 18% were due to lost or stolen devices or documents and 11% were due to social engineering scams or fraud.
According to OTA, its recommendations for assessing third-party vendors would have prevented and contained the breaches at Target and Home Depot--breaches that have cost credit unions close to $100 million.
Some of the recommendations included in the report are:
OTA has also included a risk assessment guide as part of its report. The policies in the guide echo the proposals outlined by President Barack Obama his recent remarks regarding data security.
The Credit Union National Association continues to urge the U.S. Congress to increase data security standards for merchants so they are more aligned with the higher standards required of credit unions and other financial institutions. (See story: CUNA, trades unite to urge Congress on data security action.)