Full Text

This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe.

The number of U.S. data breaches tracked in 2014 hit a record high of 783, according to the Identity Theft Resource Center (ITRC), a whopping 28% increase over the number reported in 2013, and an 18% jump over the previous high of 662 in 2010. And the news gets worse. The ITRC reports that data breaches in 2015 are on pace to break records both in the number of breaches and the number of records exposed.

A review of the ITRC 2015 Breach List (pdf) indicates that many of the breach types are listed as "electronic." In other words, it wasn't simply a case of an employee losing a laptop, but an intentional intrusion of a network or system.

It's probably safe to say that many if not most of the organizations that suffered a breach have some sort of network security in place designed to prevent or detect breaches. Maybe an IDS or IPS, or a SIEM, or a layered combination of technical safeguards. Whatever technology was in place, it wasn't effective enough to prevent the breach.

With the massive changes in IT infrastructure, the disappearance of the network perimeter, and the failure of existing technologies to prevent malware, there's a dire...