The key to reducing the damage that data breaches can cause is to spot them quickly. Ponemon Institute’s 2018 Cost of a Data Breach Study found that organisations that identified a breach within 100 days saved an average of £2 million per incident.
But to be able to spot a data breach you need to know what to look for. In this blog, we break down five common causes of data breaches, along with tips for staying safe.
Weak and stolen credentials
Poor passwords are reportedly exploited in 81% of data breaches. It’s one of the simplest ways to commit cyber crime, because if you have access to someone’s account you don’t need to bother with hacking tools or social engineering techniques.
It doesn’t take a lot of effort: cyber criminals use a computer program to run through thousands, if not millions, of commonly used passwords until they find a match. This normally doesn’t take long because, despite repeated warnings, people persist with simple and commonly used passwords. It’s 2018, people: you can do better than ‘123456’ or ‘Password’.
Another important tip is to make sure nobody steals your credentials. You can have a near-impenetrable passphrase, but it’s no good if you leave it written down for anyone to see. If you absolutely must make a note of your password, keep it out of sight and be sure not to throw it in the office bin.
People usually get unduly angry when an application announces that it needs to update. They might be a little more patient if they realised this was crucial to keeping them safe from cyber criminals.
All software is prone to technical vulnerabilities that crooks could exploit in a variety of ways. That’s why the people responsible for maintaining those programs routinely look for and address exploits before they are discovered by criminals.
Organisations that use these systems should use a patch management programme to make sure they have applied the latest updates.
Malware is a perfect example of just how simple cyber crime can be. Here’s how it works: crooks purchase a piece of malware that’s designed to exploit a specific vulnerability. They find a system that contains that vulnerability. They plant the malware. They scoop up the rewards.
There are many types of malware you need to be aware of, including adware, spyware, bots, ransomware, Trojan horses, viruses and worms. It’s often hard to know when you’ve been infected, as some malware draws as little attention to itself as possible.
Other malware, such as ransomware, makes its presence clear, locking users’ computers and demanding payment for the decryption key.
You can generally suspect that you have been infected if your computer:
- Slows down, freezes or crashes;
- Creates new files, or modifies or deletes existing ones;
- Automatically runs, turns off or reconfigures programs; or
- Sends emails or messages to your contacts.
Many of your employees will have access to sensitive information, and you must always assume that there’s a chance that someone will attempt to misappropriate it. That sounds cynical, but unfortunately the lure of financial gain from selling data on the dark web is too great for many.
Employees are also likely to use sensitive information maliciously if they feel disgruntled at work or if they have left an organisation under poor terms and still have access to its systems.
You can reduce the threat of former employees breaching your organisation by ensuring their access is cut off as soon as possible. Things are naturally more difficult when it comes to current employees, because they often need access to sensitive information to do their job. Implementing access controls will help, as this ensures employees can only view information that’s relevant to their job role.
You should also consider bolstering your cyber security culture. If you emphasise cyber security and show that you are taking it seriously, malicious employees are likely to realise how hard it is to get away with data theft.
Employees don’t have to act maliciously to commit a data breach. They might simply make a mistake, such as including the wrong person in the cc field of an email, attaching the wrong document or losing a laptop.
Insider error is often the result of a lapse in concentration, which makes it almost impossible to prevent. You can’t expect your workforce to never make mistakes.
What you can do is implement safeguards to minimise the damage. For example, sensitive information stored on a work-issued laptop should be encrypted to prevent misuse if it’s stolen. Similarly, access controls will ensure that an employee who was sent a document in error won’t be able to view it.
More tips on staying secure
Hopefully you now have a few ideas of what you can do to improve your organisation’s cyber security defences. But there’s one last thing we need to clarify: the threats listed here aren’t things that might occasionally happen if you’re not careful. They happen every day to organisations across the globe, many of whom were previously confident in their cyber security defences.
For an idea of just how serious the problem is, consider that Ponemon Institute estimated that organisations have a 27.7% chance of suffering a data breach in the next two years.
It’s paramount that you don’t take any half-measures when it comes to cyber security. You need to review your current set-up and identify where improvements need to be made as soon as possible. You also need to make sure you have a plan for when a breach does happen. Organisations that are prepared for data breaches are much more likely to contain an incident quicker and reduce the financial and reputational damage it causes.
You can find advice on where to begin in our Breach Essentials bundles. Each package contains an assortment of guides, toolkits and staff training to help you protect your organisation.