2020 was a landmark year for data breaches. This year will likely be no different.
More than 8 billion records were exposed in just the first quarter, a 273 percent jump over the same period from 2019. By the end of Q3 2020, a staggering 36 billion records had been exposed. By the end of the year, data breaches had struck high-profile organizations including SolarWinds, Facebook, Microsoft, and the U.S. Department of Defense.
And although 2020 was dubbed “the worst year on record,” 2021 seems to be worse. By October, the number of publicly reported breaches had surpassed 2020 figures by 17 percent.
That’s a lot of data leaking away from corporate control. In this post, we’ll explore the idea of data leakage, its common causes, and how companies can work to prevent such incidents.
What Are the Risks of Data Leakage?
A data leak is not something to be taken lightly. Let’s talk about the potentially severe consequences of a data leak.
Loss of Sensitive Data
If a breach leads to the loss, compromise, or theft of sensitive, critical, or secret data, the consequences can be devastating for the data owners and the company.
For instance, if the data is Personally Identifiable Information (PII), its loss may result in identity theft. If healthcare data is compromised, it may affect the medical care a patient receives.
Financial Losses
The average cost of a data breach in 2021 has risen to a staggering $4.24 million. A breach can bring substantial financial harm to the affected organization.
Breach investigation, incident response, cybersecurity measures, and victim compensation all cost money, and usually lots of it. A breach can also increase the costs of insurance and affect compliance with regulatory standards. Ultimately, a firm can experience decreased share price and market valuation.
Reputational Damage
A data breach often results in bad media coverage, which can devastate the organization’s reputation and brand value. It may lead to a loss of customer trust and loyalty, resulting in increased customer churn. In the long term, reputational damage can hurt the company’s ability to attract new employees, customers, and investments.
Operational Downtime
A data breach can disrupt business operations and cause downtime, leading to revenue and productivity losses. It can also drive up costs for overtime, system repairs, data recovery, and the like. It may also affect the supply chain, resulting in delays, additional fees, or fines.
Legal Fees and Regulatory Penalties
Legal expenses and regulatory penalties can add up quickly if a data breach results in a class-action lawsuit or regulatory enforcement.
In 2017, Equifax suffered a massive data breach where hackers stole the personal data of 145 million customers. In 2019, the company agreed to pay $575 million for a settlement with the Federal Trade Commission (FTC). It also agreed to pay $300 million to a fund to provide affected customers with free credit monitoring services.
4 Common Data Leaks in 2021 (And What Causes Them)
Technology
Insecure devices, unpatched software, open software vulnerabilities, and a lack of encryption are common causes of data breaches. Misconfigured software settings could also expose sensitive or confidential information, such as:
- Customer records (names, addresses, or Social Security numbers, for example)
- Employee records
- PII
- Healthcare information
- Financial information, such as credit card numbers
- Business secrets
- Intellectual property
Lost or stolen devices containing sensitive information can also result in breaches.
People
Many organizations assume that breaches are the result of malicious outsiders. This is wrong. According to a 2020 survey, negligent insiders and human error accounted for 62 percent of cyber incidents in organizations.
Employees can inadvertently increase the chances of a major data breach in the organization when they:
- Send information to the wrong person
- Upload data to an unsecured location
- Access company files through an open WiFi network
- Use recycled, default, or weak passwords
- Fall victim to a phishing scam or social engineering attack
Per another survey, malicious insider attacks are also on the rise, accounting for 14 percent of security breaches. Employees or vendors may intentionally misuse their access credentials to steal company data for financial gain or sabotage the business.
The risks of data breaches due to people are higher than ever. Employees are 85 percent more likely to leak sensitive files now than they were before COVID-19 due to the implications of remote work. In 2021, 33 percent of data breaches are expected to be insider threat-related.
Supply Chain Attacks
Supply chain attacks often result in data breaches with far-reaching impacts.
In the SolarWinds Orion attack of 2020, threat actors slipped malicious code into the company’s software. The code enabled the attackers to compromise the software at the source and, consequently, to attack all organizations using SolarWinds software. Thus, a single attack gave the hackers access to the data of all victim organizations.
Cyberattacks
Many malicious data breaches occur due to cybercrime or cyberattacks. The most common methods used by hackers to steal enterprise data are:
- Malware: Bad actors install ransomware or spyware on victims’ devices to spy on them, steal data, or demand ransoms after encrypting their data.
- Phishing: Attackers pose as genuine organizations to fool victims into parting with sensitive data.
- Brute force attacks: Hackers work through multiple user name and password combinations to find one or more combinations that can give them access to victim devices, and ultimately, their data.
How Can I Avoid Data Leaks? 5 Preventative Measures
By taking the steps below, organizations can prevent data leaks and avoid becoming victims of clever hackers or sophisticated cyber criminals:
Strengthen Cyber Defenses
In today’s breach landscape, strong cyber defenses are absolutely critical. Every organization must protect its networks and assets with robust cybersecurity and digital risk protection programs that include:
- Firewalls to block malicious external programs from infiltrating the network and accessing data
- Antivirus, anti-spam, and anti-malware programs on all devices
- Endpoint detection and response (EDR) solutions
- Automated vulnerability scans and manual penetration tests
- Robust bring your own device (BYOD) security policies to protect personal devices containing sensitive data
- Strong password policies and multi-factor authentication
- Protective measures to secure data backups
In addition, work with vendors and contractors to ensure they have also implemented cybersecurity measures for preventing third-party data breaches.
Regularly Patch and Upgrade All Software
Software vulnerabilities are a common cause of data breaches, so it’s vital to regularly patch and update all enterprise software. This is especially important for third-party and open source software since research has found that vulnerabilities in their source code are responsible for 16 percent of data breaches.
Encrypt Data
Encryption is vital to prevent hackers from accessing or reading sensitive corporate data. All private, sensitive, and classified information should be encrypted, whether it’s at rest or in transit.
It’s also important to encrypt all devices, including mobile devices, wireless networks, routers, and entire disks — not just a few files. This way, even if a malicious entity accesses, duplicates, or steals the data, the attacker won’t be able to read it. That will help to minimize damage.
Improve Employee Security Awareness
Since careless insiders are a primary source of data breaches, enterprises must minimize the insider threat problem. Hence, employee security awareness is crucial. The cybersecurity awareness program should train employees on all these critical cyber hygiene aspects:
- How to detect ransomware or phishing attacks
- Social engineering and how they can avoid becoming a victim
- The importance of using strong, unique passwords
- The consequences of leaving devices unattended and using insecure WiFi networks or personal devices
- The role of access management in preventing unauthorized access
- Best practices and policies for email and remote work
It’s also important to monitor “red flags” that may indicate insider security threats to data. These include employees who:
- Work outside scheduled work hours
- Log in from different locations or devices
- Copy large amounts of data to removable drives or personal devices
- Exhibit signs of personal problems that may indicate deeper financial troubles
User behavior analytics (UBA) and security information and event management (SIEM) systems can help security teams proactively spot and address insider threats to data security.
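The first three red flags above can be expressed as rules over login and file-copy events, which is the kind of logic a UBA or SIEM rule encodes. The following is an added example, not part of the original article; the event fields, baseline structure, and thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events (not real logs); field names are assumptions.
EVENTS = [
    {"ts": "2021-10-04T09:15:00", "user": "alice", "type": "login", "device": "LT-0042", "country": "US"},
    {"ts": "2021-10-04T10:02:00", "user": "alice", "type": "usb_copy", "mb": 40},
    {"ts": "2021-10-05T23:40:00", "user": "bob", "type": "login", "device": "LT-0077", "country": "US"},
    {"ts": "2021-10-05T23:55:00", "user": "bob", "type": "usb_copy", "mb": 350},
    {"ts": "2021-10-05T23:58:00", "user": "bob", "type": "usb_copy", "mb": 300},
    {"ts": "2021-10-06T11:00:00", "user": "carol", "type": "login", "device": "PHONE-9", "country": "BR"},
]
# Per-user baseline of devices and login countries seen before (constructed).
BASELINE = {
    "alice": {"devices": {"LT-0042"}, "countries": {"US"}},
    "bob": {"devices": {"LT-0077"}, "countries": {"US"}},
    "carol": {"devices": {"LT-0101"}, "countries": {"US"}},
}

def flag_insider_events(events, baseline, work_hours=(8, 18), copy_limit_mb=500):
    """Return {user: sorted list of red flags} for the given events."""
    flags = defaultdict(set)
    copied = defaultdict(int)  # (user, date) -> MB written to removable media
    for ev in events:
        ts = datetime.fromisoformat(ev["ts"])
        user = ev["user"]
        if ev["type"] == "login":
            known = baseline.get(user, {"devices": set(), "countries": set()})
            # Weekends and hours outside [start, end) count as off-hours.
            if ts.weekday() >= 5 or not work_hours[0] <= ts.hour < work_hours[1]:
                flags[user].add("off_hours_login")
            if ev["device"] not in known["devices"]:
                flags[user].add("new_device")
            if ev["country"] not in known["countries"]:
                flags[user].add("new_location")
        elif ev["type"] == "usb_copy":
            # Sum per day so many small copies cannot stay under the limit.
            copied[(user, ts.date())] += ev["mb"]
            if copied[(user, ts.date())] > copy_limit_mb:
                flags[user].add("bulk_removable_copy")
    return {user: sorted(f) for user, f in flags.items()}

if __name__ == "__main__":
    for user, found in flag_insider_events(EVENTS, BASELINE).items():
        print(user, found)
```

A flag here is a prompt for review rather than proof of wrongdoing, and the fourth red flag in the list has no log signal, so it is left out.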
Dispose of Data Properly
Data thieves can also retrieve data from old devices and outdated documents. That’s why safe data disposal and record retention policies are crucial to protect data and prevent data theft.
Enterprises must safely store paper documents and ensure that only authorized personnel can access them. Old records must be shredded, the contents of old devices such as hard drives and portable storage media must be removed, and old files must be deleted from on-premises and cloud backups.
ZenGRC Can Help Prevent Data Leakage
Data breach prevention starts with understanding your risks. Expose evolving threats, track risks across your enterprise, and see where risks are changing with ZenGRC.
ZenGRC is an integrated governance, risk, and compliance platform that can help you manage your security risks and policies with ease. Minimize business exposure and the risk of data breaches with enhanced visibility into your risk environment.
Its software solutions provide a single source of truth to manage all documentation. Automated features track workflows and due dates so risk managers can focus on the bigger picture.
Schedule a demo today to see how ZenGRC can benefit your business.