The Ugly Truth About Data Breaches

It’s mid October, which means fall is in the air and leaves are on the ground; autumn has officially begun. October is also National Cyber Security Awareness Month (NCSAM), and at Beeline, we thought we would take this opportunity to create some dialogue around this important topic.

It’s imperative that we examine some of the security breaches that have recently occurred in order to learn how we can take active measures to prevent similar incidents from occurring. This awareness is crucial to safeguarding your organization from security threats online and keeping your data safe from the crippling effects of a data breach. Perhaps the most recent and alarming security breach happened in August 2014. According to Hold Security, Russian hackers stole 1.2 billion unique user name and password combinations – almost the population of China – and more than 500 million e-mail addresses. According to Alex Holden, the founder and Chief Information Security Officer of Hold Security, “Hackers did not just target U.S. companies; they targeted any website they could get, ranging from Fortune 500 companies to very small websites. And most of these sites are still vulnerable.” After the 2013 Target hack, it’s easy to see that data breaches are plaguing corporations, as well. Companies need to take this issue seriously regardless of industry, size, and geographic location. What if your company is vulnerable and you don’t even know it? What if one of your vendors or business partners becomes victim to a data breach and it scares all of your customers away? The thought can paralyze even the most experienced HR and procurement professionals. How Easily You Can Get Hacked Organizations have enough to worry about without adding data security to the mix, but it’s increasingly clear this is not a problem they can ignore. Data breach issues cost corporations worldwide millions of dollars. That doesn’t take into account the havoc that leaked data can wreck on brand identity and the loss of trust of staff, customers, and suppliers. Despite efforts to fight them, data security breaches are only getting larger, more frequent, and more costly. Data breach issues continue to cause problems for government entities and companies in all industries. According to reports, websites victimized by hackers included companies in real estate, oil, consulting, car rental, and hotel industries. Among the victims were also computer hardware and software firms and the food industry. “The ability to attack is certainly outpacing the ability to defend,” Lillian Ablon, a security researcher at the RAND Corporation told the New York Times. That’s not to say companies aren’t trying to improve data security, but according to Lance Larson, San Diego State University’s Department of Management Information Systems professor, new technology makes it simple for hackers to digitally enter a company and install hacking systems. Many Companies Underestimate the Importance of Data Security Companies continue to underestimate the importance of data security. Many companies still aren’t taking the proper steps to safeguard their networks against hackers and protect the data they collect from consumers and other sources. It’s unclear whether this is due to a lack of a sense of urgency, budget shortfalls, or just a belief that “it won’t happen to us,” but the Russian record-breaking data breach highlights widespread security flaws facing companies. So, why do companies keep getting hacked? One reason is that hacking is big business. In fact, modern-day hackers are typically much better funded than many companies are. Another reason is that companies often neglect to ensure security measures are in place, not just in their organization, but also in those of their partners, suppliers, and vendors. For example, let’s consider the 2013 Target hack, where hackers reportedly gained access to Target’s corporate network using stolen authentication credentials from an air conditioning subcontractor. How to Keep Data Out of Hackers’ Hands Like it or not, the odds are you will have to deal with a data breach at some point. After all, companies get attacked an average of 16,856 times a year with many of those attacks resulting in a data breach. If you want to protect your data and other business assets, you need to develop a first-class data security strategy. You must build data security into your systems and processes – everything from establishing guidelines for employees to asking the right questions when selecting vendors and technology partners. Consider starting with the following steps:
  • Fix weakly secured sites. Patch preventable vulnerabilities.
  • Safeguard against the two most common types of hacking — attacking websites to gain access to underlying databases of customer information and going after individuals and everyday email.
  • Follow security best practices. Develop layered security measures.
  • Monitor anomalies in your network to detect breaches quickly.
  • Pay special attention to protecting SQL databases.
  • Have a response plan in place in case the unthinkable happens.
Learn how to protect your business and keep your data safe from the crippling effects of a data breach. Download Beeline’s latest whitepaper about data security today to learn more about The Importance of Data Security and Protecting Your Confidential Information.