NEWARK, N.J., Feb. 22, 2023 /PRNewswire/ — Network Assured shared the results of a recent data study on cybersecurity, that looked at which U.S. states had suffered the most data breaches in 2022. The study looked at data breaches from all industries, to rank the states where businesses faced the highest risk of cyberattack to the lowest. It also reported the number of data breaches relative to each state government’s investment in cybersecurity initiatives.
Network Assured compared data from State Attorneys Generals and the Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) Office of Civil Rights’ (OCR), along with public reporting of state budgets for cybersecurity.
It also compared data breach statistics with the number of registered business entities in each state to establish a “breaches per 1000 business entities” value that helped rank each state’s relative cybersecurity performance.
Cybersecurity Risks in America: Neither Big State nor Small State is Safe.
While expectedly, California, with its high concentration of businesses in technology and healthcare recorded the highest number of data breaches at 1,338, the relatively small state of Maryland ranked 5th worst in the nation with 343 breaches.
Other study results indicated that:
- 3 of the worst 10 data breaches of 2022 were against companies in California. 2 of those 3 data breaches were against the same company: Twitter.
- Despite being the nation’s worst state for data breaches, the state government of California spends less on Cybersecurity than New York, Texas, Florida, and even Maryland.
- In 2022, Florida had more than 4 times the number of data breaches per 1000 registered healthcare entities than any other state in the country. It recorded 4.73 breaches per 1000 healthcare entities, compared to New York’s 1.15.
- Texas was the 3rd worst state in the country for data breaches despite having the highest state government budget for cybersecurity endeavors, at $800 million dollars.
Is Government Spending on Cybersecurity Effective?
The study suggests that a state government’s investment in cybersecurity programs does not correlate with a reduction in the risk of data breaches in that state. Texas committed more to cybersecurity initiatives in 2021 than any other state, at $800 million. Despite this, it ranked 3rd worst in the nation for its number of data breaches.
Other states have taken a more proactive approach to their cybersecurity risk. After suffering a number of high profile breaches, Maryland committed more than $200 million to cybersecurity initiatives in 2022, more than the cybersecurity investments of California and New York combined.
Lack of Transparency Around Data Breaches Puts Americans at Risk
The study revealed that certain states – New York is one – does not maintain a public record of data breaches, even though it requires companies to report them. According to study author Aaron Weissman, “This harms the residents of a state. If there are no transparent records of security incidents or data breaches supported by state laws, there is no straightforward way for individuals to be certain they haven’t been impacted by a breach, and take the necessary measures to protect themselves.”
Other states have a much better reporting system for data breaches, like Texas, that publicly records all reported breaches, including the type of information that was compromised and the number of Texans affected.
To see the complete findings, including the states that incurred the least data breaches, along with full color charts, please see visit the study here.
About Network Assured
Network Assured is a free, independent advisory that helps businesses price cybersecurity services, perform due diligence, and find better vendors. Learn more at www.NetworkAssured.com.
Andrew Hansen, Founder
SOURCE Network Assured