How to Avoid Costly Security Breaches and Data Risks

8 Mar 2017 by Christine Kern

This article originally appeared on January 3, 2015, and has been revised to bring our readers the most up-to-date technology information.

As newer technologies make it easier for us to store and access information, they also create new opportunities for security breaches and data risks that can affect thousands or millions of people in a single attack. Avoiding threats starts with the datacentre you choose and continues with the protection protocols you put into place.

Falling victim to security breaches

It seems as though every month we hear news of another notable organisation falling victim to a security breach in which sensitive information and data are exposed. In fact, according to USA Today, 43% of companies experienced a data breach in the past year, up 10% from the previous year. The latest security breaches create a concerning trend, one that has organisations scared stiff. Many are re-evaluating their technology initiatives or scrutinising their existing technology infrastructures as a result.

Data shows there were more than 1.5 million monitored attacks in the United States in 2013, according to the IBM Security Services 2014 Cyber Security Intelligence Index. These incidents are sometimes part of a complicated cyber security breach from large-scale, sophisticated sources. At other times, the massive damage is carried out in a simple, straightforward manner. A 2013 China report of government data security breaches revealed a tax bureau employee secretly copied resident information from the bureau’s internet onto a USB drive, and then sold it. Since such data can fetch a handsome sum on the black market, the propensity for these breaches is exponential.

And with the proliferation of work devices, multiple networks and technology in general, points of entry for hackers have skyrocketed, dispersing the need for cyber security in a wide range of areas — from changing business models to Internet of Things (IoT) devices.

Figure 1: Leading cybersecurity spending priorities among enterprises worldwide in 2016-2017

As shown in Figure 1, leading cyber security spending priorities for enterprises worldwide span five main areas from 2016 to 2017. Improved collaboration is the top spending priority for C-level executives and IT and security directors.

Addressing IT risks before incidents occur

A related Forbes publication concurs that Chief Executive Officers (CEOs) have always had very broad responsibilities. However, with the ever-present threat of information security breaches, CEOs are becoming increasingly responsible for their organisations’ overall security. Failure to take responsibility could cost millions, and often also results in a never-ending public relations nightmare, not to mention an exodus of customers and clients.

That means organisations need to address IT security risks before these incidents occur. This includes identifying key threats, reviewing existing security vulnerabilities and challenges to the agency’s data, enforcing risk management processes and common control frameworks, executing incident management processes (when crises occur), and empowering experts to maintain regular communications about security-related issues.

Being informed about security risks is not enough, though. Organisations need to align their security intelligence plans with those they serve as well as with their employees. Integrating three-step security protocols, for example, can help prevent a password security breach, which is one of the most common methods used by hackers to gain access to a company’s internal system.

Apply predictive analytics to detect advanced threats

While defending company systems is crucial, the most innovative systems need to go a step beyond defense and apply predictive analytics that detect any advanced, persistent threats. Such integrated data analytics are capable of identifying previous breach patterns, and are then able to predict potential areas of attacks.

Security intelligence should have five capabilities:

  • Real-time flow analytics that track and monitor user behavior, social media usage, and mobile and cloud activity
  • Predictive analytics and pre-exploit awareness to identify unusual trends and patterns in behavior
  • Anomaly detection to uncover activities and behaviors beyond what’s expected
  • Data source integration and visualisation, with collaboration among various data sources to spot threats
  • Management of all endpoints, including mobile devices.