As the world becomes more and more dependent on technology, there is so much more data out there than ever before. Unfortunately, because we’ve adopted these new tools and systems so quickly, there has been a steep (and expensive) learning curve, particularly when it comes to security.
One of the most troubling signs is that cybercrime and cyberattacks are continuously on the rise, and businesses don’t seem to be keeping up. While high-profile breaches can spur action for many major companies, the real problem appears to be smaller businesses that don’t believe that they are targets.
Here is the harsh reality - everyone’s information is up for grabs on the internet. Whether it’s a personal device or a massive database, hackers will steal it all. It’s much easier to take information first and then figure out if it’s valuable later.
So, with that in mind, we want to take a look at the world of data encryption and security. We’ll discuss the most significant challenges facing businesses and organizations today, as well as steps you can take to protect your data right now. All of this can seem a bit overwhelming, but the fact is that it’s much better to be proactive than reactive.
The Cost of Data Breaches
First, let’s look at some terrifying statistics. Once you understand the widespread nature of the problem, it should spur you to do something about it. After all, the demand for technology and online data will only continue to grow, so now is the perfect time to create a strategy for combating the threats that are out there.
Average Cost of a Data Breach: $3.92 million
The Ponemon Institute conducts a survey annually to determine how expensive data breaches can be for companies. While 2019’s cost is not the highest it’s ever been ($4 million in 2016), it’s still a massive problem. Worldwide, data breaches are estimated to cost over $6 trillion annually by 2021. That’s more money than the entire illicit drug trade.
Also, it’s crucial to point out that this is a global average. When you look at the United States individually, the average cost per data breach is $8.19 million, with the healthcare sector accounting for most of that.
Small Businesses Targeted by Hackers: 43%
As we mentioned, one of the most substantial problems with cybersecurity trends is that smaller organizations assume (wrongly) that they won’t be targeted. Yes, global brands will generally have more information and be more lucrative overall, but the big companies can spend more on boosting security. Hackers know that small businesses don’t have the resources to keep them at bay.
According to recent research, only 14 percent of small organizations believe that their ability to monitor and respond to cyberattacks is “highly effective.” That illustrates a massive deficit between capability and reality. Even worse, around 60 percent of small businesses go bankrupt due to these attacks. It’s simply too costly to try and recover from it.
Records Exposed in 2019 So Far: 4.1 Billion
2019 has already become a banner year in online security threats. Over four billion records were compromised within the first half of the year, marking the largest number ever recorded. Even worse, almost all of this data was exposed from only eight breaches.
Some good news did come out of the report; apparently, most of the data was rated as “moderate to severely low” importance, so it’s not like that many bank accounts or social security numbers were up for grabs. However, it illustrates the alarming fact that businesses and organizations are ill-equipped to manage the growing threat of cyberattacks and hacking.
Top Data Breaches of 2019
Let’s put this problem into some perspective. Here are some of the breaches that occurred within the first half of 2019.
- January 16th - Fortnite - 200 million users
- January 17th - Collection #1 - 770 million emails, 21 million passwords
- [Collection #1 was uncovered by ethical hacker Troy Hunt. It was a massive collection of email addresses and passwords that were compiled by other data breaches.]
- March 29th - Verifications.io - 982 million email addresses
- April 2nd - Facebook - 540 million records
- May 25th - First America Corp. - 885 million records
How Data Breaches Occur
Companies large and small seem to be equally susceptible to data breaches, which begs the question: how is so much information getting out? Let’s look at the top reasons why breaches occur so that we may figure out a way for these organizations to tighten things up.
Cloud-Based Storage
According to the Ponemon Institute (the same one from above), only 32 percent of organizations using cloud technology believe that it’s their responsibility to protect their data. There seems to be a widespread misconception that cloud hosting sites are the ones who need to prevent data breaches. Unfortunately, the reality is that each business or entity on the cloud has to take charge of cybersecurity, as the cost and burden is on the individual, not the host.
To make matters worse, less than half (49 percent) of businesses are using cloud-based cybersecurity options, such as tokenization or encryption. As more and more companies switch to the cloud, all of their data will be instantly accessible.
Code Repositories
One way that new programs and software can get developed is by being open-sourced. Developers from around the world can go in and make adjustments, improving the code, and making the program work more efficiently. A prime example of this in action is the website builder WordPress.
Unfortunately, being open-sourced also means that the code is accessible to hackers as well. Code repositories like GitHub are largely unsecured, meaning that anyone can go in and find a veritable treasure trove of information.
What makes this kind of cyberattack most troubling is that hackers can gain access to accounts using the software, all without being detected. Login credentials and access keys can be included in these repositories, which enables hackers to get in without force. It’s like leaving a hide-a-key right next to the doorknob in plain sight.
Another reason why this method of cyberattack is so effective is that it’s prohibitively expensive and complicated to go in and secure these repositories. Until these organizations can find a more efficient method of storage and security, this problem will continue to persist.
User Error
Finally, one of the most significant (and unfortunately, hardest to mitigate) problems facing cybersecurity is the fact that average people are the ones compromising the data in the first place. Most individuals are not security experts, which means that they make it easier for hackers to get information. Some examples of user error can include:
- Stolen Devices - as technology becomes more mobile, it’s easier to take. Hackers can break into smartphones and laptops, getting all of the data stored inside.
- BYOD (Bring Your Own Device) - companies are embracing the practice of allowing employees to use personal devices for work. Unfortunately, it’s much more challenging to secure these machines and update them.
- Phishing - these days, phishing scams are becoming much more sophisticated. Hackers will discover personal information about a user and then incorporate that into an email message, prompting the user to open it, releasing a virus or other malware.
How You Can Take Action
Looking at the proliferation of cyberattacks, it’s easy to get defeated and assume that we’re all doomed. However, the reality should inspire you to be more careful about your online habits. The internet is still a fantastic resource, and it will only continue to play a more vital role in all of our lives.
So, with that in mind, here are some essential steps to protecting your (and your company’s) data.
Backup Devices Frequently
While more businesses are starting to realize the value of data backups, there are still many out there that don’t do this as often as they should. Realistically, you should back up all of your company data once per quarter (at least). Maintaining a consistent backup schedule ensures that any breaches or loss won’t impact your operations too significantly.
Invest in Cybersecurity Updates
Another positive trend is that more and more businesses are catching on to the idea of protecting information. More money is being spent on cybersecurity than ever before. The industry as a whole is expected to reach $124 billion by the end of 2019.
Even if you’re a small business, paying for prevention services will be the smartest move possible. Don’t think of it as a cost but as an investment in your company’s future. The price of a data breach will be much higher.
Update Software and Security Constantly
One of the easiest ways for hackers to gain access to a system is by exploiting out-of-date code. Upgrading your system as much as possible can patch any potential holes that will allow hackers to get inside. Also, since you’ll likely be using a variety of programs and codes, you have to maintain a consistent updating schedule for all of them.
Train Employees
Considering that workers can be the weakest link in any cybersecurity system, now is the perfect time to train employees on how to be smarter online. Illustrate how to protect sensitive data, create a best practices outline for BYOD programs, and ensure that personal devices are updated regularly.
Bottom Line: Your Data Probably Isn’t That Secure
Overall, chances are that your business or organization is falling behind when it comes to cybersecurity. Fortunately, it’s never too late to change that. Now is the perfect time to update your security practices. A proactive and vigilant mindset can make a world of difference.
Resources: https://securityintelligence.com/posts/whats-new-in-the-2019-cost-of-a-data-breach-report/#targetText=The%20global%20average%20cost%20of,percent%20between%202014%20and%202019.
https://www.appknox.com/blog/cybersecurity-statistics-2019
https://www.forbes.com/sites/daveywinder/2019/08/20/data-breaches-expose-41-billion-records-in-first-six-months-of-2019/#5913bc15bd54
https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf
https://thehackernews.com/2019/10/data-breach-protection.html
http://techgenix.com/2019-data-breaches/
