Drip, Drip, Drip…..
The sounds of a leakage are always a good recipe for attracting people’s attention. These annoying little drops are a reminder that something needs fixing. Online, users will not get the same feeling. The drip,drip,drip……cannot be heard in case of a data leakage.
Yahoo admitted on 23th September 2016 that sensitive information of half a billion users was stolen in 2014 (The Guardian, 2016). This included names, email addresses, phone numbers and security questions. This breach may be the biggest data leakage of all time. You might be saying to yourself, what do criminals want with my personal details? I am nothing out of the ordinary. Well, firstly the quantity of stolen information may come as a surprise. From the expected financial data and email addresses to your system configuration to see which malware would work best on your system defences. The most common reason for cyber criminals to steal your intellectual property is to sell the data or use it to blackmail the original individuals.
Data leakage is not something that occurs very sporadically. About eighty to ninety percent of the companies that are on the Fortune 500 list, plus several government agencies have fallen victim to data breaches. Since January 2005, close to a billion records containing sensitive personal information have fallen into the wrong hands. The leading cause of these data leakages is first of all the intrusion by hackers. This is followed by laptops being stolen and the information theft of insiders of the respected organizations. Finally, those data leakages are also responsible for fraud. The internet crime complaint center reported that in 2015, the fraud-related losses from companies/individuals in the United States had a total amount of 242 million dollars. (ICR, 2015)
So what can companies do to prevent this? These high-tech criminals are not the “cute vandals” they used to be. They evolved to organized criminals who have expertise in exploiting the IT weaknesses of the organization. In my opinion, the needed security that prevents the extraction of data needs to be implemented along the whole breadth of the organization.
The quality of a security strategy is influenced by different factors. I think that strong policies and a decent governance strategy are the backbones of a good data security. The consultation of IT experts will help the organization to account for every aspect. These two factors ensure a stable system where an efficient network can work best. This network needs to be able to discover, store, analyse and protect the data. After a policy is in place, it is essential to design a network that can discover, analyse and secure data. Furthermore, the network needs to possess abilities that enable it to leverage its intelligence, services, and devices which are already present in the organization.
How do you guys think we can prevent Data Breaches?
References:
https://www.theguardian.com/technology/2016/sep/23/yahoo-questinos-hack-researchers
IC3. (2015) 2015 Internet Crime Report, Accessed on 23 September 2016