PORTLAND, Ore., April 02, 2024 (GLOBE NEWSWIRE) -- RadarFirst, the SaaS leader in automating intelligent decisions, released the 2024 Privacy Incident Management Benchmarking Report, revealing the latest trends and insights in data breach resolution. The report showcases the median time to resolution continues to decrease when organizations adopt Radar® Privacy, with customers now averaging 21.5 days per incident. This highlights the efficient and effective incident management processes implemented by RadarFirst customers, setting a new standard for data breach response.
“Privacy incidents are a growing concern for organizations of all sizes and industries. With the constantly evolving regulatory landscape and the increasing costs associated with data breaches, maintaining customer trust depends on how effectively organizations protect personal information and manage privacy incidents,” said Don India, CEO of RadarFirst. “Our 2024 Privacy Incident Management Benchmarking Report provides valuable insights into the challenges faced by companies that use personal data to improve their offerings, and the benefits of having an incident management solution like Radar® Privacy.”
Key findings:
- Median time to data breach resolution reaches new low at 21.5 days for Radar Privacy customers
- 250% increase in data breaches when incidents originate from third parties
- 93.5% of incidents are caused by human error
- 3.3x increase in large, complex privacy incidents since 2018
- 7.1% of assessed incidents were notifiable data breaches
- Intentional incidents increased across industries
For RadarFirst customers, data breach resolution continues to accelerate. The median time from discovery of an incident to notification has been reduced to 21.5 days for all industries, with industry leaders in finance notifying within 14.2 days and insurance organizations notifying in 16.1 days. Organizations with Radar® Privacy continue to improve in median time to risk assessment, increase speed to notification, and reduce notification rates.
Organizations are facing an increase in data breaches caused by third parties. According to the report, when an incident involving personal information occurs at a third party, the upstream company increases the probability of notification obligations by 250%. Using third parties can be highly valuable to augment staffing gaps and to increase functional expertise, but exchanging data with vendors, suppliers, and contractors requires having an incident management program in place to mitigate potential risks.
RadarFirst found that 93.5% of privacy incidents originated from human error in 2023. While all incidents require a privacy risk assessment, this finding illustrates the need for a well-defined incident management program to build organizational awareness, reduce unnecessary notification, and mitigate risks of non-compliance with regulatory requirements.
Large, complex incidents have risen 3.3x since 2018 across industries, including healthcare, insurance, financial services, retail, and hospitality. These incidents typically involve multiple state and federal jurisdictions, each with unique obligations and notification timelines. As most incidents occur as the result of human error, reliance on prevention alone cannot mitigate risk from such incidents, highlighting the need to support incident management programs. Failure to do so puts organizations at risk and could expose customers and partners to potential harm.
7.1% of incidents qualified as data breaches, requiring notification. Without automated risk assessment technology, organizations that notify under a “presumption of breach” to meet compliance with regulatory timelines notify 100% of incidents. However, streamlining incident management with Radar® Privacy allows organizations to reduce notifications by 92.9%, and limit reputational harm associated with overdue notifications while maintaining accurate records of all incidents for future reference and potential audits.
Intentional incidents increased across industries, accounting for 60% of all notifiable breaches. Within notifiable incidents, nonmalicious activity caused 11.7% and unintentional human error caused 6.2%. Regardless of how incidents originate, being prepared with a consistent, documented approach to incident management is the best way to manage breaches and mitigate the impact.
To download the full report, click here.
About RadarFirst
RadarFirst offers SaaS solutions to automate intelligent decisions and simplify obligation decision-making as mandated by new and evolving privacy and compliance regulations. Enterprises and organizations trust the patented Radar® Privacy product to automate privacy incident management for consistent, documented breach notification decisions. Learn more at www.radarfirst.com.
Photos accompanying this announcement are available at
https://www.globenewswire.com/NewsRoom/AttachmentNg/278031b6-4c4c-4570-8c38-91516b4fe63d
https://www.globenewswire.com/NewsRoom/AttachmentNg/e4a4ddf7-2415-4c79-8ebd-85ea44a2bdb0
Contact
