4 root causes of data breaches
Recent studies from the Ponemon Institute and IBM have found that the cost of a data breach for enterprises has increased 6.4% to $3.86 million per event. Meanwhile, the average cost of a data breach for an SMB has increased by a whopping 36%, totaling an estimated $120,000 per event plus an additional $149,000 to recover from the breach. Further, the intangible costs of a breach such as loss of reputation serve only to make cybersecurity top-of-mind for most SMBs today.
Cybersecurity is never a “one size fits all” solution and making the right decision about cybersecurity for your organization may be helped by gaining a better understanding the four primary causes (“attack vectors”) of most data breaches.
1. Your People
Systems and machines are designed to operate according to specific rules and parameters and to never deviate from them. Humans, on the other hand, think and feel for themselves and are subject to forms of social engineering by attackers. Social engineering is a practice used by attackers and other criminals to have victims or other people carry out the attacker’s own dirty work by leveraging human nature. Phishing emails, for instance, that rely on false urgency (“Oh, this message that looks like it’s from Google says that hackers have compromised my account? I better click on that link to reset my password right away…”) are just one of many forms of social engineering. Technical literacy as well as behaviors and attitudes regarding technology are also important here. The person at your company who doesn’t enable two-factor authentication or doesn’t regularly update their software or operating systems because they find it annoying fails to understand that this can be as risky to your organization as leaving keys in the front door.
2. Your Hardware
Cybercriminals often look for known vulnerabilities in “conduit devices” that can store, transfer, or process data. These devices include your networking equipment, IoT devices, just about anything found in a data center, and of course computers, laptops, and mobile devices. Be sure to regularly check for firmware updates for all of your hardware and physical tech infrastructure.
3. Configuration Exploits
Just keeping your network and systems up to date isn’t enough -- the way the components of your system are configured are just as, if not more, important. A top-of-the-line firewall, for instance, is meaningless if it’s not blocking the right types of network traffic or if its administrative credentials are still set to the factory default. Getting your configuration right also extends to how access rights to sub-systems and data are managed and how users within systems are managed. Many of the largest data breaches that you’ve probably read about in the news would not have happened had their systems been properly configured.
Systems going haywire all on their own is something that only happens in movies. In the real world, malware is one of the biggest culprits of cyber attacks. “Malware” is defined as software or code that performs harmful or unwanted actions. It’s an umbrella term that covers viruses, worms, trojans, ransomware, cryptojacking, seemingly legitimate-looking programs or applications that actually do real damage, and more. It’s also fairly common for malware to spread quickly from one system to another across internal networks and the web which is why it’s so important to be able to recognize suspicious email (“This message from a vendor says there’s an invoice attached -- but it’s a .zip file and not a PDF or Word for Excel document...?”) and have the right hardware and software regularly updated and properly configured.
Let's shift gears from causes of data breaches to how to prevent them. Traditional approaches to cyversecurity are focused on perimeterization ("keeping the bad guys out") but we all know that determined attackers never stop finding new ways to evade security measures. That's why we've engineered Atakama on the assumption that an attacker will one day breach a system, and when they do our multi-factor encryption technology ensures that an attacker won't be able to open or make use of any file protected by our software.
Contact our team today to learn more about how Atakama can effortlessly protect the files for your organization