In 2023, the frequency of personal data breaches in Russia appears to have surged by a wide margin, with estimates ranging from 50% to 150% compared with the previous year. This assessment was shared with socialbites.ca by Evgeny Tsarev, head of RTM Group, a firm that specializes in cybersecurity. He notes that the uptick in incidents is particularly pronounced in the first quarter of 2023.
Tsarev explains that the shift stems from a rapid move by many organizations toward native software solutions, a rise in in-house development, and broader disruptions to supply chains, all paired with aging IT hardware and equipment. He points to a structural loosening of security controls as a key driver behind the growth in breaches.
According to his findings, nine out of ten breaches investigated by RTM Group in 2023 originated from failures in standard security management practices. The breaches typically involved mistakes during the installation or deployment of new software, as well as the use of non-standard equipment. The use of open source software with known vulnerabilities also contributed to the problem.
Looking at historical context, Tsarev notes a clear upward trend: breaches caused by lapses in standard security measures rose from roughly 40% three years ago to over 55% two years ago, and to about 80% in the first quarter of 2022. This progression underscores how quickly security weaknesses can become systemic when management processes lag behind technology adoption.
Tsarev adds that addressing the risk will require a multi-year effort to research, test, and validate new developments before they are rolled out widely. In the interim, the ongoing risk of new, large-scale data leaks remains substantial. He argues that sustained investments in information technology departments and rigorous testing of software before deployment will play a crucial role in elevating defenses and reducing incident rates across enterprises in North America as well as globally.
Independent reporting from socialbites.ca has previously highlighted new security gaps in popular platforms like Outlook and Office 365, illustrating the continuing exposure many organizations face when accounts and services are integrated into broader networks. The takeaway for North American companies is clear: proactive risk management, consistent security training, and verified deployment practices are essential to strengthening resilience against evolving cyber threats.