Throughout the world, the frequency of cyber attacks is on the rise, with the US featuring as the largest victim. Typically, small- and mid-size businesses are at the receiving end of cyber attacks and data breaches.
In 2018, there were various frightening cybersecurity breaches at important organizations, which compromised sensitive information and data of the users and the business. Let’s take a look at cybersecurity disaster prevention methods, 4 of the top breaches of 2018, and lessons we can learn from them.
Cybersecurity Disaster Prevention
The exponential surge in the number of interconnected devices is driving the need for fast software development. The speed with which developers are creating new code additions has led to a higher risk of unknown code vulnerabilities. Hackers can potentially use these vulnerabilities to gain access to the sensitive data and information of an organization.
But hackers are not the only concern–insider threats, although often overlooked, pose serious dangers. A sizable number of data breaches come from the inside. A report from McAfee entitled ‘Grand Theft Data’ states that internal actors are accountable for 43% of data loss. 50% was caused by intentional harm, while 50% was accidental.
So, how should small- and mid-sized businesses protect themselves against a data breach or cyber incident?
As cyber attacks become more prevalent and sophisticated, it is not sufficient for organizations to simply defend themselves against these threats. Insider threats and persistent hackers have shown that with planning, commitment, and determination they can breach the data of an organization and access any information that they are after.
Today, risk management requires your organization to plan ahead, to preempt, protect, and return to business after a cyber attack. One way to do this is by establishing a security operations center (SOC).
Establishing a Security Operations Center (SOC)
A security operations center (SOC) is a facility where an information security team, in charge of monitoring and analyzing the security state of an organization, is housed. The goal of the SOC team is to isolate, analyze, and react to cybersecurity incidents via a set of processes and technology solutions.
As opposed to a conventional IT department, an SOC staff includes a team of trained engineers and cybersecurity analysts. These individuals use computer programs and tailored security processes that can identify weaknesses in the virtual infrastructure of the company and stop these vulnerabilities from resulting in theft or intrusion.
SOCs can take different forms. Some companies have an in-house SOC, and others choose to outsource their SOC. The core function of all SOCs is to prevent breaches and contain losses caused by online criminal activity.
4 Top Data Breaches and Lessons Learned
You can have fool-proof data security processes in place, however if your business partners and vendors don’t have the same stringent standard, your database and network could be vulnerable.
The Atrium Health data breach demonstrates this. They were victim to the largest data breach of 2018, which affected more than 2.6 million patients. Hackers accessed the medical records of patients by infiltrating Atrium Health’s billing vendor, AccuDoc Solutions. Ultimately, the hackers were not able to extract data, however, they could access patient information for a week before they were uncovered.
The lesson learned here? Watch your vendors and make sure they stick to the same data security regulations that your organization abides by.
Exactis is a data aggregation and marketing organization that collects business and consumer data via cookies obtained from websites. The company compromised 340 million business and consumer records by keeping 2TB data on a cloud server that was publicly available.
Over 400 variables of data about characteristics were made accessible by this security failure. No Social Security numbers or financial information were leaked, however the breach could result in identity theft for victims in the future.
The lesson learned is that a sloppy attitude towards cyber security is inexcusable. The Exactis breach, which was caused by an absence of authorization policy and account management systems to protect sensitive data, may not have occurred if the company had been proactive in their cybersecurity approach.
In May 2018, 1.4 million patient records were compromised when UnityPoint Health became the victim of a cybersecurity attack. Attackers sent employees phishing emails asking the recipients to share their email passwords. The emails appeared to be from the bosses of the employees. The attackers received passwords, and could then view the health information located in attachments.
This type of breach is particularly devastating, as social engineering attacks such as phishing are preventable. An effective employee training program can help prevent incidents like these. Organizations should create a culture of cybersecurity to increase the visibility of potential security events.
In September 2018, Facebook discovered the largest breach it has ever faced. The Facebook breach was pulled off by using bugs connected to one of its features, View As. By leveraging these vulnerabilities, hackers compromised the data of 50 million users. Hackers also accessed many other related platforms including Airbnb, Instagram, and Spotify.
If big players like Facebook with advanced engineering skills and security find it difficult in today’s digital environment to secure their platform, smaller businesses must take particular care to implement preventative measures.
Understanding the cybersecurity weaknesses and vulnerabilities of your organization is the first step in creating an effective cybersecurity program within your business. Being prepared for a breach is the only way to protect your data. Today, many organizations are relying on SOC services to help them with their security needs. SOC services can help your organization proactively isolate security incidents and provide maximum safety.