Menu
INSIGHT: Data breaches getting worse, costing more

INSIGHT: Data breaches getting worse, costing more

Data breaches put critical data at risk, are a serious invasion of privacy, and it costs a ton of money to clean up the damage.

Data breaches put critical data at risk, are a serious invasion of privacy, and it costs a ton of money to clean up the damage.

What is worse is that the cost is constantly on the rise; going up 23 percent in the past couple of years.

A new study by the Ponemon Institute, sponsored by IBM, dissected these costs in its 2015 Cost of Data Breach Study: Global Analysis report.

The study, which is aimed at large enterprises, found the average price tag for data breach cleanup is $US3.8 million.

What does this have to do with me?

There are also lessons to learn for smaller organisations because they often are more vulnerable to breaches. Many have fewer security tools, a small team or staff to mitigate security threats, and meagre training resources.

With data breach-focused attacks becoming more frequent and more sophisticated, small to medium sized organisations are experiencing greater consequences than their larger corporate brethren.

Large shops still take, on average, 256 days to even know there was a breach by an outsider.

Smaller organisations may take far longer, or only realise it when either customers complain about illegal use of their data, or when competitors act in a way that shows they have confidential data, or perhaps when a hacker makes an attempt at extortion.

So where do breaches come from?

According to the report: “Forty-seven percent of incidents involve a malicious or criminal attack, 25 percent concern a negligent employee or contractor (human factor), and 29 percent involve system glitches that includes both IT and business process failures.”

Ponemon and IBM didn’t go into detail about how a breach can be stopped in its tracks. But at GFI we’ve recently documented the risks posed by employees, including IT staff, in addition to the usual hacking and malware threats, and how these can be mitigated.

What steps to take?

If you’re looking for a few quick tips and tricks, here are five we recommend:

1. One area of attack is the insider space. According to the Verizon Data Breach investigations report, 14 percent of breaches are due to insiders. Treat insiders as potential corrupters and save yourself a lot of grief.

2. Human error is another factor that makes insiders so dangerous. According to CompTIA, 52 percent of all breaches come from human error. Here the answer is to train employees to protect company data, and not fall for scams through phishing and social engineering.

3. Technology is also critical. Many breaches come from email, so email security is paramount. Once again, train your employees to avoid phishing and make sure you use robust software to keep malware at bay.

4. The web is another source of danger, and here is where web monitoring makes sense. Scanning webpages and downloads before these are served to your users will mean enhanced protection.

5. The basics are also still very important. Make sure you regularly install software updates and patches, and that your anti-virus software is up to date, and end user firewalls are on.

Verizon makes a very good point: “The first step in protecting your data is in knowing where it is, and who has access to it.

From this, build controls to protect it and detect misuse. It won’t prevent determined insiders (because they have access to it already), but there are many other benefits that warrant doing it.”

This is accomplished by carefully reviewing end user accounts. First, you need to establish who has access to sensitive data and then implement a process where account activity is reviewed as soon as an employee gives notice or is terminated.

Preventative measures go a long way in the mitigation of data breaches.

Organisations need to start covering all bases because data breach attacks come for all angles, including from within.

Even though security might be seen as an extra expense in small to medium organisations, the real cost might be far greater after an attack.

By Doug Barney - GFI Software


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cyber securityGFI Software

Featured

Slideshows

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Reseller News has honoured the leading female front runners of the New Zealand ICT industry at the 2019 Women in ICT Awards (WIICTA) in Auckland. The awards recognised standout individuals across six categories, spanning Entrepreneur, Rising Star, Shining Star, Community, Technical and Achievement. Photos by Gino Demeer.

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA
Reseller News kicks off awards season in 2019 with Judges' Lunch

Reseller News kicks off awards season in 2019 with Judges' Lunch

The 2019 Reseller News Innovation Awards has kicked off with the Judges Lunch in Auckland with 70 judges in the voting panel. The awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors. Photos by Christine Wong.

Reseller News kicks off awards season in 2019 with Judges' Lunch
Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomed 2018 inductees - Chris Simpson, Kendra Ross and Phill Patton - to the third running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing landscape of the technology industry in New Zealand, while outlining ways to attract a new breed of players to the ecosystem. Photos by Gino Demeer.

Reseller News welcomes industry figures for 2019 Hall of Fame lunch
Show Comments