New security issues and hacking techniques are emerging all the time making it impossible for businesses to completely future proof themselves from hackers. But organizations can take simple steps that can go a long way to improving security. These include putting in place strong patching and password policy, and enforcement of multi-factor authentication on every public-facing system.
Organizations should implement regular security testing of all potential attack vectors, especially if it’s something that’s changed. They need to ensure they put in place a security strategy and stick to it.
Perform awareness assessments, organize security audits, examine those controls, review that access list.
There is no room for complacency, cyber threats are changing daily, so it is more important than ever that businesses keep informed of the latest developments. A cyber attack should be seen as inevitable so security should always be at the forefront of company strategy, not an afterthought.
More on security:
97% of IT leaders majorly concerned by insider data breaches
An Egress study has found that 97% of IT leaders are concerned that data will be exposed by their own employees, leading to insider breaches
This finding from Egress‘s Insider Data Breach Survey 2020, conducted by Opinion Matters, spelled a lack of reassurance for decision makers regarding insider breaches over the past 12 months.
Also, 78% of IT leaders surveyed said that employees have put data at risk accidentally within the last year, while 75% say that intentional compromise of data security has occurred.
While the former statistic has remained stable since 2019, the latter saw a 14% jump.
In the UK, 63% declared intentional data security compromise, while 68% said this was accidental. This contrasted with leaders in the Benelux region, 89% of whom said that data was put at risk intentionally, and 91% accidentally.
Egress CEO, Tony Pepper, said: “While they acknowledge the sustained risk of insider data breaches, bizarrely, IT leaders have not adopted new strategies or technologies to mitigate the risk.
Real-time data and cyber security: key to mitigating the risk
“Effectively, they are adopting a risk posture in which at least one-third of employees putting data at risk is deemed acceptable.
“The severe penalties for data breaches mean IT leaders must action better risk management strategies, using advanced tools to prevent insider data breaches.
“They also need better visibility of risk vectors; relying on employees to report incidents is not an acceptable data protection strategy.”
The most common cause of company data risk, according to leaders, is the sharing of data to personal devices.
In regards to challenges, two proportions of 24% said a lack of employee security training, and a lack of effective security systems respectively, were to blame.
23%, meanwhile, blamed a lack of awareness, and 21% said that insider breaches were mainly caused by employee's rushing tasks.
In terms of what kinds of cyber attacks were causing breaches over the past year, 41% cited phishing attacks over email, while 31% said that employees had sent information to the wrong person.
More to come soon:
Info provided by:
Aaron Hurst
No comments:
Post a Comment