Thank you, our adivisors will calling you.
par Lepide • 28 Feb 2019
According to the 2018 Cost of a Data Breach Study, conducted by the Ponemon Institute, the average global cost of a data breach rose from $3.62 to $3.86 million annually, an increase of 6.4%. Data breaches are unquestionably problematic for businesses across the globe, with new strains of malware and other methods of fraudulently harvesting valuable data evolving at a pace that is faster than security experts can keep up. Companies often fail to monitor the actions of their employees and fail to enforce policies that determine how they can use the Internet and the devices they can use to access sensitive data.
One could argue that most data breaches are, in some way or another, caused by employees, and the vague definition of what constitutes an “insider threat” is one of the reasons why the statistics can vary so much. Statistics aside, there are a number of ways that employees are putting our valuable data at risk. For example, employees often use weak passwords, send sensitive data to the wrong recipients, share login credentials, and fall victim to phishing scams. And it’s not just regular employees who make mistakes. IT security staff members often fail to keep their systems patched/updated, implement the correct access controls, and properly configure the necessary security settings. Data breaches that occur as a result of erroneous employees are typically the consequence of three main factors:
In order to mitigate unauthorised activities on your network, establishing a set of security policies and educating employees about those policies, should be the first area to focus on. However, enforcing those policies will require the right tools, as you will need to be able to quickly identify any suspicious activities that takes place.
Data discovery and classification tools will help to locate and classify your sensitive data, which will make it easier to assign the correct access controls. Data Loss Prevention tools can be used to prevent unencrypted sensitive data leaving the network, and Data-Centric Audit & Protection solutions should be implemented in order to monitor changes to account privileges as well as your sensitive files, folders, email accounts, and so on.
Some DCAP solutions have data discovery and classification built in, and also provide features for detecting events that match a pre-defined threshold condition. Such events may include multiple failed login attempts, or multiple files being encrypted within a specified period of time. It is even possible to setup an automated response to such changes, such as disabling a user account, changing security settings, or even shutting down the server.