Report finds more than a fifth of S&P 500 firms hit by data breaches in 2023

A new report out today from security ratings firm SecurityScorecard Inc. today on security at S&P 500 companies finds that 21% experienced a data breach in 2023, as new regulations heighten the urgency of cybersecurity.

The targeting of S&P 500 companies is said to be due to attackers chasing money, with ransomware operators viewing top companies as particularly valuable targets thanks to their market value and demand accordingly high ransoms. Attackers know that bigger targets are typically capable of paying high ransoms.

Of the S&P 500 companies that experienced a breach in 2023, 25% were financial services and insurance companies. Although the report notes that financial institutions have some of the most robust security programs given the substantial money and assets they handle, the interconnected nature of the financial sector means that compromising one institution or commonly used product can lead to broader impacts across the entire industry…