Data breaches put critical data at risk, are a serious invasion of privacy, and it costs a ton of money to clean up the damage.
What is worse is that the cost is constantly on the rise; going up 23 percent in the past couple of years.
A new study by the Ponemon Institute, sponsored by IBM, dissected these costs in its 2015 Cost of Data Breach Study: Global Analysis report.
The study, which is aimed at large enterprises, found the average price tag for data breach cleanup is $US3.8 million.
What does this have to do with me?
There are also lessons to learn for smaller organisations because they often are more vulnerable to breaches. Many have fewer security tools, a small team or staff to mitigate security threats, and meagre training resources.
With data breach-focused attacks becoming more frequent and more sophisticated, small to medium sized organisations are experiencing greater consequences than their larger corporate brethren.
Large shops still take, on average, 256 days to even know there was a breach by an outsider.
Smaller organisations may take far longer, or only realise it when either customers complain about illegal use of their data, or when competitors act in a way that shows they have confidential data, or perhaps when a hacker makes an attempt at extortion.
So where do breaches come from?
According to the report: “Forty-seven percent of incidents involve a malicious or criminal attack, 25 percent concern a negligent employee or contractor (human factor), and 29 percent involve system glitches that includes both IT and business process failures.”
Ponemon and IBM didn’t go into detail about how a breach can be stopped in its tracks. But at GFI we’ve recently documented the risks posed by employees, including IT staff, in addition to the usual hacking and malware threats, and how these can be mitigated.
What steps to take?
If you’re looking for a few quick tips and tricks, here are five we recommend:
1. One area of attack is the insider space. According to the Verizon Data Breach investigations report, 14 percent of breaches are due to insiders. Treat insiders as potential corrupters and save yourself a lot of grief.
2. Human error is another factor that makes insiders so dangerous. According to CompTIA, 52 percent of all breaches come from human error. Here the answer is to train employees to protect company data, and not fall for scams through phishing and social engineering.
3. Technology is also critical. Many breaches come from email, so email security is paramount. Once again, train your employees to avoid phishing and make sure you use robust software to keep malware at bay.
4. The web is another source of danger, and here is where web monitoring makes sense. Scanning webpages and downloads before these are served to your users will mean enhanced protection.
5. The basics are also still very important. Make sure you regularly install software updates and patches, and that your anti-virus software is up to date, and end user firewalls are on.
Verizon makes a very good point: “The first step in protecting your data is in knowing where it is, and who has access to it.
From this, build controls to protect it and detect misuse. It won’t prevent determined insiders (because they have access to it already), but there are many other benefits that warrant doing it.”
This is accomplished by carefully reviewing end user accounts. First, you need to establish who has access to sensitive data and then implement a process where account activity is reviewed as soon as an employee gives notice or is terminated.
Preventative measures go a long way in the mitigation of data breaches.
Organisations need to start covering all bases because data breach attacks come for all angles, including from within.
Even though security might be seen as an extra expense in small to medium organisations, the real cost might be far greater after an attack.
By Doug Barney - GFI Software
