The cybersecurity field is always changing, especially as bad actors often change their strategies. Businesses need to be prepared to address a range of threats and vulnerabilities to protect their data, systems and networks.  

That said, data breaches are occurring at a more rapid rate. Network Assured’s data study on cybersecurity looks at which U.S. states experienced the most data breaches in 2022. 

There are 536,326 total New York businesses in the 2020 U.S. Census with 58,767 being in health and human services. As far as data breaches go, New York is ranked second behind California with 618 records in the PrivacyRights.org database. 

In 2022, the New York Department of Education experienced a breach of almost 900,000 students’ information that resulted in the exfiltration of students’ private information including names, gender, ethnicity, special education status and other information. 

2022 also saw a ransomware attack on Practice Resources, which resulted in the compromise of 924,138 patient records – Social Security numbers, names, dates of birth, treatment information and other PHI elements. 

To compare to other states, California with a little more than double the population and business count than New York is ranked first with 1,338 breaches, according to the study. Texas is ranked third with 581 data breaches in 2022 but has a much higher population than New York by nearly 10 million and has over 600,000 businesses, also higher than New York’s count. 

This is a worrying sign for New York residents. And to add to that worry, the state does not have a public record of its required breach reporting, according to the study. This is a lack of transparency that hinders security research and remediation efforts and forces researchers to find other less accurate sources or request records from the government that may not be disclosed. 

The lack of transparency also harms state residents. No transparent records of security incidents or data breaches supported by state laws means there is no way for individuals to be certain they haven’t been impacted by a breach.   

The state of New York is starting to take some action by paying attention to financial information and proposing data security regulations that would require companies to achieve a high-security baseline with a formal data security program, according to the study. The state is also investing in cybersecurity with the cybersecurity budget expected to rise to $61.9 million. 

Businesses and organizations cannot wait for the state to act, though. Every second delayed means bad actors stay ahead, which results in new data breaches. That is why organizations and businesses need to turn to MSPs. 

MSPs can play a key role in helping businesses to manage their cybersecurity risks as they provide businesses with specialized expertise, resources and tools to manage their cybersecurity risks and protect their critical assets. Some of the tools include proactive monitoring and response, threat intelligence, security assessments and testing, incident response and recovery as well as compliance and regulation.