Some types of cyber threats run together in many people’s minds.
However, the question of what
is a data breach versus a different type of cyber incident is pretty clear.
Data breaches have become a daily occurrence. Many organizations
collect massive amounts of data about their customers and fail to properly
secure these collections. Since this data is valuable on the black market,
cybercriminals take advantage of these weak protections to steal sensitive
data.
It probably should not come as a surprise that the threat of the
data breach is not only ongoing but growing. Organizations still have the same
vast collections of sensitive data, and it is only becoming more valuable. However,
while the growth of the number of data breaches and exposed records in 2019 is
to be expected, the drivers behind the exposure of sensitive data may be less
so.
The Threat of
the Data Breach
Data breaches have entered the public consciousness as one of the
biggest cybersecurity threats in existence. They probably would have the top
spot unopposed if it wasn’t for the very visible and personal threat of
ransomware.
For many organizations, preventing a data breach is one of their
highest cybersecurity priorities. With the passage of new data privacy laws
like the General Data Protection Regulation (GDPR) in the European Union, the
California Consumer Privacy Act (CCPA), and dozens of others, being the victim
of a data breach can be extremely costly for an organization. This has created
some odd incentives in cybersecurity efforts like bug bounty programs, where
extremely common threats like cross-site scripting (XSS) that don’t often
result in data breaches are
assigned much lower bounties than rarer threats that could
result in a major, public breach.
Protecting against data breaches is difficult because they can be
performed in so many ways. A common cause of a data breach is misconfigured
security settings in the cloud, where a “public” data store is fully accessible
to anyone who can learn the URL. Data breaches are also commonly caused by
exploitation of web application vulnerabilities (including XSS) that take
advantage of the fact that these web apps often have direct access to back-end
databases containing user account information.
Organizations attempting to protect themselves from the threat of
data breaches must struggle with the fact that a data breach can be very
profitable for an attacker and is difficult to defend against due to the wide
range of possible attack vectors. Since the majority of organizations lack the
level of technical knowledge and expertise held by many cybercriminals, and the
identification of vulnerabilities that can be used in data breaches can be
performed in an automated fashion, it shouldn’t be surprising that the number
of data breaches is growing.
Data Breaches
Continue Growing
2019
is a bad year for data breaches. In the first nine months of 2019, there were a
total of 5,183 different data breaches with 7.9 billion records exposed. This
represents a significant growth in both the number and impact of data breaches
compared to the same period in 2018. The number of breaches has grown by 33%,
and the total number of breached records is 12% higher.
Interestingly, the drivers between the number of breaches and the
volume of breached records differ. Unsurprisingly, cybercriminals were
responsible for the majority of data breaches; however, they don’t account for
the majority of breached records.
Accidental data leaks, like those caused by misconfiguration of
cloud services security settings, have caused over 6 billion records to be
exposed in the first three quarters of 2019. This number is calculated based
upon the number of insecure cloud data repositories that have been discovered
and reported. However, the true amount of data exposed on these cloud
deployments is likely much higher, and the nature of the cloud means that
organizations with insecure cloud resources may not even be aware if they have
been accessed by unauthorized parties.
How to
Protect Sensitive Data
Data breaches can be carried off in a wide variety of different
ways. Many of them are intentional actions by cybercriminals attempting to gain
access to sensitive data for their own use or for resale on the black market.
However, others occur without malicious intent as companies accidentally expose
their own data due to negligence or a lack of understanding of how to secure
new environments like the cloud.
Protecting against data breaches requires the ability to identify
and monitor repositories of sensitive data through the organization’s
environment. While the organization’s main databases may be well-protected,
unforeseen circumstances can cause sensitive data to be stored in unprotected
repositories.
Data may be migrated to the cloud to fulfill business needs, but
without the oversight of the organization’s IT and security teams. Sensitive
data may be needed to test software under development and be copied to a
database within the development environment. The organization may have backup
systems in place to protect against ransomware but inadequately protect those
backups.
These unofficial data repositories are a favorite target of
hackers since they lack the defenses of the main database. Protecting against
data breaches requires visibility and security into all of an organization’s
sensitive data, wherever it may be located.
Jan 22 2020
Same Problem, Different Drivers: 2019 is Breaking Records for Data Breaches
Some types of cyber threats run together in many people’s minds. However, the question of what is a data breach versus a different type of cyber incident is pretty clear.
Data breaches have become a daily occurrence. Many organizations collect massive amounts of data about their customers and fail to properly secure these collections. Since this data is valuable on the black market, cybercriminals take advantage of these weak protections to steal sensitive data.
It probably should not come as a surprise that the threat of the data breach is not only ongoing but growing. Organizations still have the same vast collections of sensitive data, and it is only becoming more valuable. However, while the growth of the number of data breaches and exposed records in 2019 is to be expected, the drivers behind the exposure of sensitive data may be less so.
The Threat of the Data Breach
Data breaches have entered the public consciousness as one of the biggest cybersecurity threats in existence. They probably would have the top spot unopposed if it wasn’t for the very visible and personal threat of ransomware.
For many organizations, preventing a data breach is one of their highest cybersecurity priorities. With the passage of new data privacy laws like the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA), and dozens of others, being the victim of a data breach can be extremely costly for an organization. This has created some odd incentives in cybersecurity efforts like bug bounty programs, where extremely common threats like cross-site scripting (XSS) that don’t often result in data breaches are assigned much lower bounties than rarer threats that could result in a major, public breach.
Protecting against data breaches is difficult because they can be performed in so many ways. A common cause of a data breach is misconfigured security settings in the cloud, where a “public” data store is fully accessible to anyone who can learn the URL. Data breaches are also commonly caused by exploitation of web application vulnerabilities (including XSS) that take advantage of the fact that these web apps often have direct access to back-end databases containing user account information.
Organizations attempting to protect themselves from the threat of data breaches must struggle with the fact that a data breach can be very profitable for an attacker and is difficult to defend against due to the wide range of possible attack vectors. Since the majority of organizations lack the level of technical knowledge and expertise held by many cybercriminals, and the identification of vulnerabilities that can be used in data breaches can be performed in an automated fashion, it shouldn’t be surprising that the number of data breaches is growing.
Data Breaches Continue Growing
2019 is a bad year for data breaches. In the first nine months of 2019, there were a total of 5,183 different data breaches with 7.9 billion records exposed. This represents a significant growth in both the number and impact of data breaches compared to the same period in 2018. The number of breaches has grown by 33%, and the total number of breached records is 12% higher.
Interestingly, the drivers between the number of breaches and the volume of breached records differ. Unsurprisingly, cybercriminals were responsible for the majority of data breaches; however, they don’t account for the majority of breached records.
Accidental data leaks, like those caused by misconfiguration of cloud services security settings, have caused over 6 billion records to be exposed in the first three quarters of 2019. This number is calculated based upon the number of insecure cloud data repositories that have been discovered and reported. However, the true amount of data exposed on these cloud deployments is likely much higher, and the nature of the cloud means that organizations with insecure cloud resources may not even be aware if they have been accessed by unauthorized parties.
How to Protect Sensitive Data
Data breaches can be carried off in a wide variety of different ways. Many of them are intentional actions by cybercriminals attempting to gain access to sensitive data for their own use or for resale on the black market. However, others occur without malicious intent as companies accidentally expose their own data due to negligence or a lack of understanding of how to secure new environments like the cloud.
Protecting against data breaches requires the ability to identify and monitor repositories of sensitive data through the organization’s environment. While the organization’s main databases may be well-protected, unforeseen circumstances can cause sensitive data to be stored in unprotected repositories.
Data may be migrated to the cloud to fulfill business needs, but without the oversight of the organization’s IT and security teams. Sensitive data may be needed to test software under development and be copied to a database within the development environment. The organization may have backup systems in place to protect against ransomware but inadequately protect those backups.
These unofficial data repositories are a favorite target of hackers since they lack the defenses of the main database. Protecting against data breaches requires visibility and security into all of an organization’s sensitive data, wherever it may be located.
By admin • Technology • Tags: business, cyber threats, European Union, hackers, information, market, Protect Sensitive Data, software, URL, XSS