70cc710850b21f2cd1027a96d266b2e7aaf4081a

Data Breach Severity: Prevention is Simply Not a Realistic Expectation

Advertisement

Lighted Ways Tech
Shop Your Best Moments here. The easiest way to find your things!- CHECK EVERYTHING ON AMAZON

Data Breach Severity: Prevention is Simply Not a Realistic Expectation
Cutting-edge threats are developed to precisely bear a resemblance of legitimate applications, websites, and emails

The common basic features of computers and the networks to which they derive their omnipresence will always stick a foothold to possibilities and means to do harm, not only to personal information but also to business/organization trade secrets and operational policy and strategy. 

No businesses or any organizations, no matter the size, can resist pinpointed data breaches. It can be just perceptions to some because mostly common citizenry is only familiar with publicize disclosed breaches, but the problem is much worse than what is reported. As per Verizon’s 2022 report, phishing was the cause of nearly 36% of all data breaches. Per the FBI’s Internet Crime Complaint Center (IC3), more than 800,900 reports of phishing were received in 2022, with losses exceeding $10.3 billion. 

Phishing Attack Statistics
Photo Source: Sprinto

It is reported that more than 88% of businesses were singled out for spear phishing attacks, a significant increase over the previous year. Data breaches are becoming an ordinary occurrence nowadays, though the general publics were not informed about the large number of breaches, that either are not in any mandate to disclose or breaches that were not yet detected. Cutting-edge threats are developed to precisely bear a resemblance of legitimate applications, websites, and emails, that every threat inscription, any behavioral heuristics, and reputation scoring standard solely cannot identify each one in the systems and with every conceivable method of attack vectors, targets, adversaries and systems increasing by leaps and bounds, it is becoming more impractical to stop up every threat sooner before it gets to a network. 

“The global average cost of a data breach in 2023 was USD 4.45 million, a 15% increase over 3 years.”

IBM, Cost of a Data BreachReport 2023 

Realistically, organizations can not anymore focus on just preventing threats at the endpoint because they should also be able to identify other hostile threats as they enter the system and also detect and respond accordingly to any threats that have already breached security. Hence, data security is not anymore about securing the system against attacks but, rather it is now about putting up cyber flexibility to mitigate business impact in the event of a breach. Infosecurity Europe in its 2024 Cybersecurity Trends, Obstacles and Opportunities reports, nearly 40% of those surveyed showed that these issues are the driving force in the increased of investment in cyber defenses. Infosecurity Europe 2024 Survey Findings showed that 75% of security professionals have viewed the workforce showing risky security behaviors at work. The types of risky behaviors included using entertainment or streaming services (33%), sharing personal information (14%), and using gaming or gambling websites at work (10%). However, a glimpse of notable changes is in focus from a sole prevention-only security strategy to that of balancing prevention with detection, response, and recovery. 

Consequently, the current occurrence surmises that it takes extremely long for organizations to identify breaches. But how long is long enough when organizations do not even know they’ve been breached in the first place? A multitude of organizations lack the resources to monitor and most of them do not have working action plans to counter or even detect incidents of breaches if the organization does not know it’s been breached, how can it suitably respond? 

It is a given that, IT security professionals face a lot of complex, often conflicting risks and priorities, and as businesses are becoming increasingly linked and more cooperative with expanded perimeters and are adopting new practices and technologies, it is paramount that, IT professionals need to better understand which sensitive data assets to defend to drive decision-making and risk tolerance. With this in mind, IT security professionals can now work on developing intelligent and intuitive security programs that can be positioned with the organization’s individual business priorities and risk profile. With all the likelihood of disastrous consequences for an organization in the event of data breaches, its capability to respond to and recoup from an attack swiftly and efficiently is critical in building cyber resilience and a brilliant security master plan. In its survey, respondents to the Infosecurity Europe Industry Survey 2015 disclosed that in the event of a security incident, the biggest priority is to mitigate the impact on its customers. 

Whatever may the truth be, the information breach underlined yet another notion that no matter what kind or type the organization, how great and successful it is nobody is immune to cyber-attacks. Allowing the organization to function is foremost to security strategy intelligence. 

 ____________________________________________________________

 

References:

  1. Infosecurity Europe Blog | Intelligent Security: Protect. Detect. Respond. Recover.
  2. Symantec | Advanced Threat Protection: Network
  3. Breach Level Index | Categorizing Data Breach Severity with a Breach Level Index
Previous Post Next Post

Ads