Data Breach Strategy
The latest Verizon Data Breach Investigations Report is out, and the verdict is in: data breaches are on the rise. While the news shouldn’t surprise anyone, there are some actionable insights to help improve cybersecurity organizational approaches and reduce regulatory risks.
The numbers don’t lie
Since its first release in 2003, this report has identified human error and carelessness as two of the biggest data breach enablers found in organizations worldwide. While these actions are both avoidable, they’ve consistently been the top culprits contributing to data breaches.
Despite the rise in awareness around bad user habits and the availability of a proliferation of security solutions on the market, the figures in the 2017 report reveal that user behavior is still the biggest threat:
- 81% of hacking-related breaches leveraged either stolen or weak passwords
- 39% of breaches occurred in Financial Services and Healthcare – two of the most heavily regulated industries
- 51% involved criminal gangs
- 25% of breaches involved internal actors
- 21% were related to espionage
The report provides a very sobering view on the top risks associated with breaches that doesn’t seem to be getting any better. So, what’s the best way to reduce your chance of being breached? Let’s take a look.
The password double-edged sword
Stolen or weak passwords are a hackers delight. Once they guess or obtain your password, all of your information is theirs for the taking. This is why users are encouraged to keep changing their passwords or use complex passwords that are hard to guess. Using simple Multi-Factor Authentication (MFA) technologies not only increases security, but also provides a second layer of proof. By identifying the user by password AND something else, such as access to a specific physical device, it’s harder for hackers to crack your info.
If you work in Financial Services or Healthcare, you should immediately up your password game. Both industries are attractive to hackers due to the amount of sensitive information they can gather by cracking your code. For example, medical records are extremely valuable and can lead to fake ID creation and/or identity theft – both of which are big money makers on the black market.
Where’s the leak?
The internal actors that commit 25% of data breaches are just bad business. These breaches – which are commonly committed by employees, partners, contractors – demonstrate that the organization breached does not have their content under control and out of harm’s way. If an employee requires access to specific data or files to do his/her job, that individual should have access to only that – not everything.
For example, contractors should only have access to the information they need to complete their job. Once that job is done, access should be removed quickly. When access to sensitive information is required, using tools such as Information Rights Management (IRM) ensures that only specific actions can be taken with that content (e.g., read-only, no printing), and watermarking clearly identifies the origins of a document right on the page, allowing use but not theft.
When bad actors achieve unauthorized access, all sensitive business information or Personally Identifiable Information (PII) should be unattainable. Encryption prevents classified information from ending up in the wrong hands, and functionalities like IRM or Customer Managed Encryption Keys (CMK) ensure access to content can be switched off, helping prevent espionage.
Data breach concerns are universal
Organizations in all industries face data breach issues. By ignoring them, you run the risk of not only losing business information, but also the potential loss of PII. The consequences can be more than just the prospect of non-compliance with regulatory issues, such as the impending GDPR, but reputational risk is also a possible outcome— resulting in lowered market value and loss of customers.
How can data breaches be prevented?
The first step to preventing data breaches is to take on the “not if, but when” mindset – be paranoid. By following simple steps outlined above, such as incorporating MFA into password-protected systems and using secure cloud collaboration technologies, you can reduce the likelihood of being breached and protect both your organization and sensitive information. However, you have to constantly monitor your security posture and that of your cloud vendors. Many cloud vendors have a security posture that is more secure than your own, use all the resources available to you Choose your cloud vendors carefully and you’ll be able to rely on them to keep your information private and secure.
By Daren Glenister