Over one billion data records were lost or stolen in over 1,500 corporate breach incidents during 2014*; the equivalent of 32 records every single second. Retail and Financial sectors were unsurprisingly the primary contributors in terms of the number of records affected, although it is the Healthcare sector that accounted for over 25% of the breaches reported, with Government, Technology and Education not far behind.
So no-one is safe, but how do you start to protect yourself?
Not surprisingly, the “malicious outsider” was responsible for the majority of incidents which prompts the obvious response of assessing the security of your perimeter by penetration testing or vulnerability scanning, but surely everyone does that now – and still the hackers get in perhaps through a phishing attack or other social engineering techniques.
There are now two key factors that will determine how much damage can be inflicted on your organisation, both requiring that you planned for this eventually well in advance:
How quickly can you identify the breach, respond to it and clean up the fall-out. Hackers will often leave tools discretely harvesting your data as it roams across the network or return to the scene of a crime to gain further rewards. Your protection is achieved through a blend of education, tools, technical capability and appropriate policies, enforced through backing from the top level and buy-in from the employee.
How data is stored and transmitted across your organisation. Sure, your customer credit card data is hidden away in an encrypted database with restricted access, but what happens when then data is needed elsewhere in the organisation – perhaps a refund or a financial audit – all too often this prompts the propagation of unprotected spreadsheets, shared by email or in file shares, making the data an easy target. Did your last PCI Audit really help to make you more secure or did you just treat it as a tick-box exercise to get the CFO off your case? Do you know where sensitive data really lives in your network?
However, it’s not just the threat from the outside that you should consider; 40% of the breaches reported in 2014 came from the inside, either accidental loss (25%) or malicious insider (15%). Thankfully, these too can be mitigated by many of the same steps identified above – knowing who has access to what data and having the policies implemented to know when it’s accessed and what normal (and therefore abnormal) behaviour looks. This will help you to identify breaches quickly and take appropriate action whilst they can be contained.
But if you do just one thing … Education, education, education! From having the technical capability in-house to develop and deploy systems securely, test yourself and respond to incidents to ensuring that everyone from the reception desk to the board room is aware how their actions affect your corporate standing is the cornerstone of effective security and ensures that you invest where it matters most … your people!
7Safe is a leading provider of cyber security and digital investigation advice, education and technical services to all technology-enabled organisations.
Since 2001, we have been helping organisations to develop, maintain and grow their cyber security and information investigation capabilities, increasing their overall trust in the systems that they operate, the information that they hold and the people who have access to it.
View article source