The Identity Theft Resource Center (ITRC) has released a report analyzing H1 data breach incidents for 2024. According to the report, there was a 490% rise in data breach victims in H1 of 2024 compared to H1 of 2023. Yet, Q2 had 732 publicly reported data breaches, which represents a 12% decrease from Q1.
Security leaders weigh in
Stephen Kowski, Field CTO at SlashNext:
“The surge in breach victims is likely due to several large-scale breaches of major companies with extensive customer databases. Increased remote work has expanded the attack surface for many organizations. Additionally, more sophisticated attack methods powered by AI are allowing cybercriminals to breach defenses at an accelerated rate.
“Organizations should implement AI-powered controls across all messaging and communication channels to stop initial credential harvesting attempts. A zero trust security model with multi-factor authentication is crucial. While regular security awareness training is important, it’s insufficient alone against sophisticated phishing and social engineering attacks. Robust, AI-driven email and messaging security that can detect and block advanced threats in real-time is essential to mitigate large-scale data breach risks.
“Employee training plays a complementary role in preventing data breaches. While it can’t stand alone, well-designed security awareness programs help staff recognize evolving threats and reinforce best practices. Training should be frequent, engaging and include simulated phishing tests. However, human vigilance has limits. To truly mitigate risks, organizations must combine training with advanced technological defenses, particularly AI-powered controls across all communication channels. This dual approach addresses both the human factor and the sophisticated nature of modern cyber threats.
“Organizations need to adopt a proactive, multi-layered approach to security that combines technology, processes and people. This includes implementing advanced threat detection systems, regularly updating incident response plans and fostering a culture of security awareness. Transparency and quick response in the event of a breach are also crucial for maintaining consumer trust.”
Chris Morales, Chief Information Security Officer at Netenrich:
“Today, we’re seeing a rise in sophisticated, AI-enhanced attacks. Advanced persistent threats, supply chain vulnerabilities and highly convincing social engineering tactics are becoming more prevalent. Attackers leverage machine learning to create targeted phishing campaigns and even deepfakes for business email compromise. This evolution underscores the need for security operations to become more data-driven and adaptive.
“When it comes to the surge in breach victims, several factors are at play: expanded attack surfaces due to remote work and cloud adoption, more sophisticated ransomware attacks often involving data exfiltration and the democratization of attack tools through ransomware-as-a-service. We’re also seeing larger-scale breaches affecting millions of users at once. This surge not only highlights the urgent need for a paradigm shift in security operations, but it also underscores the need for immediate action, moving towards more proactive, data-driven strategies.
“Organizations should implement comprehensive SecOps solutions that provide holistic visibility across their IT environment. Leveraging advanced data engineering and AI within these frameworks can enable continuous, adaptive threat detection and response. Adopting a “zero-trust architecture,” which means that no user or system is by default trusted, even if they are inside the corporate network, is a crucial strategy. This approach, along with regular vulnerability assessments and employee cybersecurity training, is vital. The key is to build a continuous feedback loop in security operations, constantly learning and adapting to the evolving threat landscape.
“Organizations need to embrace continuous improvement and adaptation in their cybersecurity strategies. This involves regularly reassessing risk postures, investing in threat intelligence capabilities and fostering a culture of security awareness. The future lies in more autonomous, data-driven security operations, using AI and automation to handle routine tasks while freeing human analysts for strategic issues. By aligning people, processes and technology around a data-centric approach, organizations can significantly enhance their security posture and maintain customer trust in an ever-changing threat landscape, emphasizing the need for a holistic approach to cybersecurity.”
Justin Kestelyn, Head of Hacker Community Marketing at Bugcrowd:
“At the highest level, attack vectors are trending toward becoming more diversified, targeted and sophisticated — which is a reflection of the increasing number of well-financed and well-organized adversaries in recent years; malicious hacking is now big business. To be more specific, (1) phishing and other social engineering attacks have become extremely personalized, convincing, and effective; (2) adversaries have learned that attacking adjacent, relatively unhardened targets (e.g. in supply chain partners) offer productive lateral movement opportunities; and (3) generative AI is becoming a useful tool to help amplify existing techniques (e.g., for personalizing phishing attacks).
“The rise in breach victims is due to a combination of better technique (as described above) and more complex attack surface. With respect to the latter, companies have become very good at integrating public cloud providers in everything they do, using code written by third parties (e.g. open source libraries), and integrating data from multiple sources. That leads to an increase in attack surface complexity and security gaps, all of which are catnip for adversaries.
“The most urgent thing organizations can do is to become proactive about cybersecurity by first admitting and assuming that (1) vulnerabilities are inevitable, and (2) that adversaries are inspecting your attack surface for them every day. Leading with those assumptions will transform how cybersecurity is defined and done in your organization.
“The best way to prepare is to have access to solutions that evolve along with that landscape — for all their benefits, automated solutions are built to fight yesterday’s battles, not to handle emerging ones such as AI safety and security vulnerabilities. That’s where access to human ingenuity enters the chat, because nobody has built a tool that adapts to (and anticipates) the environment as quickly as the human mind. This approach is also critical for maintaining consumer trust because it signifies a commitment to doing everything proactively possible to protect their interests.”