Beset by Data Vulnerabilities? Look in the Mirror
The average cost of a global data breach is $3.86 million, and in the US this swells to $7.91 million per breach, according to the Ponemon/IBM cybersecurity study released in July 2018.
Criminal attacks were the most common type of data breach internationally. The study found:
- 48 percent of all breaches were caused by malicious or criminal attacks
- 27 percent were due to human error or negligence among employees or contractors
- 25 percent came from a system glitch
In the US, this breakdown was similar, with 52 percent criminal, 25 percent human error, and 23 percent system glitch. A nationwide survey released by the Hartford Steam Boiler Inspection and Insurance Company (HSB), part of Munich Re, found that of those businesses hacked in the previous 12 months, 72 percent spent more than $5,000 to investigate each cyberattack, restore or replace software and hardware, and deal with other consequences. That is considered cheap.
What struck me is the high percentage of human error and system glitches. The 52 percent criminal could be broken down again by segregating malicious employees, although we would hope that number would be negligible. A significant reduction in data compromise can be achieved just by strengthening your security posture internally. The goal should be to eliminate, or minimize, internal vulnerabilities and set your sights on catching the bad actors.
So how do you do this? First of all, do protect your perimeter. Netwrix, our parent company, has state-of-the-art software that provides tools to do just that, and that is not just marketing hype. Now let’s discuss the internal challenges. The 23 percent attributed to system glitches can be reduced with a forward-looking plan: one that alerts you to potential security gaps in the systems you run (unpatched software, misconfigurations) and lets staff schedule patches and upgrades before an incident forces them. Yes, that takes work, but either you want to build up the security of your organization or you don’t. It’s really that simple.
Now let’s look at the 25 percent human error. We’ll assume another 5 percent for malicious employees, so we are dealing with 30 percent – a significant dent in your security armor. Although every organization is different, let’s throw into this mix your customers and their privacy data. Exposing privacy data has some interesting business ramifications, but that requires another blog to scare the wits out of you.
Most attacks enter via email, with a user opening an attachment or clicking a link. Those two actions cover two different threats. Phishing delivers malware through the attachment or harvests login details through a link to a fake sign-in page (credential phishing). Business email compromise (BEC) is different: a message impersonating an executive, vendor or other voice of authority asks the recipient to wire money or change payment details, and it often carries no link or attachment at all, which is exactly why attachment and URL filtering does not catch it. It is the user who has to recognize it.
Organizations shy away from training on how to recognize these threats. Train your end users – not just once but make it a frequent exercise. There are companies that will do it for you, or you can put together a pretty good agenda using online tools and recommendations, such as understanding the top 20 email subject lines used by cybercriminals. Will you potentially have an errant user who forgets? Yes, but the more you train, the less likely that becomes.
If your organization is like most, it has unstructured or semi-structured content stored in sometimes outlandish places, including hidden repositories you don’t even know about, containing content you never knew existed. Take the case of email. How many times is a presentation resent in its entirety to a slew of people? What if it contains sensitive information?
How often is seemingly innocuous customer information included in an email that is then part of a data breach? And what about your business partners? The average Office 365 account has a whopping total of 72 partners. Are you certain that no employee will provide a partner with access to information that should be protected when collaborating?
How often do your own employees have access to confidential or sensitive information they are not authorized to see? If you use OneDrive for Business, do you check in real time for potential exposures? You should; they happen every month. Helpful hint: check for files containing ‘password’ in the name.
Still with me? What has been unattainable for many is the ability to identify potential exposures based on the context within the content, rather than on file names, locations or author-supplied tags. Traditional metadata farming is often faulty and unreliable, and a poor basis for informed decision making. Our software platform, conceptClassifier, uses algorithms, what we call compound term processing or concepts in context, to identify the most significant multi-word patterns in any text.
These multi-word terms are then used to generate non-subjective metadata, based on an understanding of conceptual meaning in the form of not only concepts but topics, subjects, and key phrases. The phrases, word strings, keywords, and acronyms identified are then auto-categorized to a hierarchy, or taxonomy, and used by a taxonomy administrator to rapidly deploy enterprise taxonomies and implement workflow rules.
What this means is that all your unstructured and semi-structured content will be tagged with highly relevant metadata and auto-categorized to one or more taxonomies, regardless of where the content lives or what format it is in. Workflow rules can be rapidly deployed to find instances of data privacy and sensitive information exposures, perform cleansing of file shares and diverse repositories, enforce secure collaboration at the granular content level, and achieve automatic records identification and declaration.
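To make the difference between a name-based check and a content-based one concrete, here is an added example. It is not Concept Searching’s or Netwrix’s code and not how conceptClassifier works internally: a small Python scanner that applies the ‘password in the file name’ hint from above alongside content checks (a hypothetical three-category taxonomy of multi-word terms, SSN-shaped numbers, and payment card numbers filtered with the Luhn check). The taxonomy, the phrase lists and the sample documents are constructed for the example.

```python
"""
Content-based exposure scan over unstructured files.

Added illustration, not Concept Searching's conceptClassifier or any
Netwrix code.  The taxonomy, the phrase lists and the sample documents
below are constructed for the example.
"""
import os
import re
from collections import defaultdict

# Hypothetical mini-taxonomy: category -> multi-word terms that signal it.
TAXONOMY = {
    "PII": ["social security number", "date of birth", "home address"],
    "Financial": ["card number", "account number", "wire transfer"],
    "Credentials": ["password", "api key", "private key"],
}

CARD_RE = re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b")   # 16-digit runs, spaced or dashed
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check, used to tell a payment card from any 16-digit run."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def classify(path: str, text: str) -> dict:
    """Return {category: [reasons]} for one document; empty dict if clean.
    Secrets are masked in the reasons so the report is not itself an exposure."""
    hits = defaultdict(list)

    # 1. Metadata-only check: the page's own hint, 'password' in the file name.
    if "password" in os.path.basename(path).lower():
        hits["Credentials"].append("file name contains 'password'")

    # 2. Concepts in context: multi-word terms, whole-word, case-insensitive.
    for category, phrases in TAXONOMY.items():
        for phrase in phrases:
            if re.search(r"\b" + re.escape(phrase) + r"\b", text, re.IGNORECASE):
                hits[category].append(f"phrase '{phrase}'")

    # 3. Structured identifiers that no file name would ever reveal.
    for m in SSN_RE.finditer(text):
        hits["PII"].append("SSN-like number ***-**-" + m.group()[-4:])
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):          # drops order numbers and other look-alikes
            hits["Financial"].append("payment card ending " + digits[-4:])

    return dict(hits)


def scan(docs: dict) -> dict:
    """Classify a {path: text} mapping; only flagged documents are returned."""
    report = {}
    for path, text in docs.items():
        found = classify(path, text)
        if found:
            report[path] = found
    return report


def scan_directory(root: str, max_bytes: int = 5_000_000) -> dict:
    """Same scan over a real tree (plain-text files only; binary formats need
    a text extractor in front of this, which is out of scope here)."""
    docs = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.getsize(full) > max_bytes:
                continue
            with open(full, "r", encoding="utf-8", errors="ignore") as fh:
                docs[full] = fh.read()
    return scan(docs)


# Constructed sample corpus (not real data).
SAMPLE_DOCS = {
    "shares/hr/password_policy.txt":
        "Policy: minimum length 14 characters, rotate annually.",
    "onedrive/alice/quarterly_deck_v3.txt":
        "Slide 12: customer J. Doe, SSN 123-45-6789, date of birth 1980-01-01.",
    "mail/bob/invoice_thread.txt":
        "Please process the wire transfer to card number 4111 1111 1111 1111 today.",
    "shares/it/order_log.txt":
        "Order 4111 1111 1111 1112 shipped.",
}

if __name__ == "__main__":
    for path, found in scan(SAMPLE_DOCS).items():
        for category, reasons in found.items():
            print(f"{path}: {category}: {'; '.join(reasons)}")
```

Run it and the deck that was re-sent by email is flagged on content alone, the file named password_policy.txt is flagged on name alone, and the order number that merely looks like a card number is dropped by the Luhn check; a name-only approach gets the first two wrong. Findings are masked so the report does not become a second copy of the data. Real document formats (pptx, docx, pdf) need a text extractor before scan_directory can read them.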
And that covers all your data. Our software is still unique in the marketplace, and because it provides an underlying technology framework, our clients use it for a multitude of applications. Hey, it doesn’t hurt to see it in action. I think any techie or beleaguered business exec would find it thought-provoking and intriguing. We could all use a little of that.