The year 2019 was the worst ever for data security, based on the average cost and number of data breaches. In the first six months of 2019, there were nearly 4,000 publicly reported breaches worldwide. In that same period there were in excess of 4.1 billion records exposed . The business sector was responsible for 67% of these breaches, and 84.6% of records exposed.
Adding to the many costs associated with data breaches is reputational damage. A survey conducted in October 2019 concluded that 81% of respondents would cease any online activity with a brand after a data breach. Consumers naturally expect that companies are taking the necessary precautions to protect their data.
2020’s Top 4 Cyber Threats Against Companies
Insider Threats
A recent report estimates that one third of all data breaches are caused by insiders. These could include everything from accidental sharing to negligence to intentional data theft. Examples are:
- Employees using un-secure methods such as social media and personal email to send files to co-workers.
- Data saved on home computers, smartphones, or un-encrypted USB devices, which are more easily breached.
- Home computers brought to the office could contain malware which gets distributed on your network.
- Weak passwords and passwords recorded in un-safe locations can leave the door open to hackers.
- Computers left logged in and unattended can allow unauthorized access to data.
- Employees leaving your organization might take proprietary data with them.
Phishing Scams
Phishing emails continue to make their way into employee inboxes. Many are becoming increasingly deceptive. This is partly due to the abundance of breached data available to cyber thieves, helping them create authentic-looking messages. Just one email message link or attachment that lures an unsuspecting employee to click, can be devastating to your data and ultimately your business. Many highly publicized breaches have been a result of a single employee click. Security experts agree that this continues to be the biggest “Achilles heel” for any organization.
Exposed Databases
Cloud computing is a growing component of most business operations. This can include hosted Email, documents, collaboration tools, specific applications, backed up data and even your own dedicated hosted Servers. Data hosted in the cloud needs to be protected just as much as your local data. This means implementing such measures as strong password policies, multi-factor authentication, and regular employee education on best practices and what to be wary of. Understanding the security measures in place with the vendors that are providing your hosted solutions is another consideration.
Indifference
While the statistics and news reports provide overwhelming evidence that loss of data is the most pressing threat currently facing organizations, studies indicate that management are not taking this seriously. In addition, they tend to over-estimate their ability to quickly recover from a cyber security event. Furthermore, the idea that only large organizations are being targeted is absolutely false. Smaller organizations often present much easier targets. The payout for the cyber thieves may be smaller, but they compensate with successful attacks on a larger volume of victims.
Conclusions
While 2019 was a bad year for data security, 2020 is not likely to be any better. It will be those companies who pay attention and allocate the additional resources required to help protect themselves from data security threats, that will rise above their competitors. Data security measures will increasingly become a differentiator for customers looking for vendors they can trust.
If you would like to learn more about enhancing your company’s data security measures let’s talk.