The Data Breaches Are Coming – Play It Safe
April 6, 2017
Accenture’s High Performance Security Report suggests that Dutch organizations do not give high enough priority to protecting customer data – and that this could lead to breaches of data. In this article, we offer some tips on how to protect your organization from suffering a similar fate.
<<< Start >>>
<<< End >>>
Do you know what happens to sensitive customer data in your organization? Patients’ medical records, for instance, personal details of employees or staff, contact lists, payment data… Unfortunately, not all businesses protect and monitor the sensitive data in their possession. They often have no idea what happens to their data and whether it is being kept safe. Compared with the global average, Dutch companies are lagging behind in the security measures they take. At the same time, they are still relatively confident about the state of their security capabilities. However, data breaches are becoming increasingly common. Millions of bits of information are lost or stolen, or fall into the hands of the wrong people – people outside your organization who have no right to access this data. Breaches may be deliberate or accidental. In 2013, Yahoo, for example, lost a billion records in a data breach. In 2016, in its High Performance Security Research Report, Accenture reported on a survey of 2,000 security managers from reputable companies, revealing that one in four attempted data breaches in the Netherlands is successful. Below, we elaborate on three key topics addressed in the report: cyber security strategy, data breaches and security monitoring.
The cyber security strategies of major organizations in the Netherlands address three key risks. The first of these involves the protection of sensitive business information, including strategy papers, financial data and intellectual property. The second key risk is the disruption of normal business operations, such as disruptions of payment facilities, network infrastructure failures, and lengthy power cuts. In short, anything that may damage productivity or disrupt financial flows, or, in the worst case, trigger social unrest. The third major risk is reputational damage. Serious cyber security incidents can cause permanent damage to a company’s reputation, making both shareholders and consumers jittery.
It emerged from the survey that Dutch and non-Dutch companies differ considerably when it comes to protecting customer data. Respondents from outside the Netherlands gave higher strategic priority to protecting their data than Dutch companies. One possible explanation is that, in contrast to companies abroad (e.g. in the US), Dutch companies have not yet experienced any serious data breaches. Compared to other geographies, companies in the Netherlands seem to be more concerned about legal or compliance issues arising from cyber incidents.
Despite the cyber security strategies that are in place and the confidence reflected in the report, Dutch organizations still flag up a significant number of data breaches. These breaches may take the form of cyber attacks, or the loss of laptops, USB sticks or other data carriers containing sensitive information. On average, Dutch organizations annually report the discovery of 138 attempted breaches; 37 of these are successful. This amounts to a success rate of 1 in 4. Over 30% of successful data violations come from within, for example, from employees with a grudge. These “internal” origins may also include staff effectively giving sensitive data away by failing to apply internal policy and standards. Other breaches may be due to configuration errors or lost (or stolen) devices (such as media, laptops, or phones). Finally, the report suggests that hackers are responsible for 22% of the successful Dutch breaches, which is 3% above the global average.
<<< Start >>>
<<< End >>>
Dutch organizations are taking various measures to prevent data breaches. Not only do they protect their networks, but staff are also becoming better trained in identifying and preventing data breaches. The fact that Dutch businesses are more often attacked than businesses in other countries, with a relatively high success rate, indicates just how urgently Dutch companies should start taking data breaches more seriously.
Security detection and monitoring are essential in detecting data breaches. After all, we can only intervene when we know what’s going on. Due to a lack of monitoring, many Dutch businesses have little overview of the data they hold. By “monitoring” here is meant a company keeping a close eye on its systems and actively tracking “data movements”. Ideally, an organization will at all times be aware of what data it has in its possession, and where that data is located within the company. In this way, an organization can take appropriate measures to protect this data. Security teams at almost 25% of all Dutch organizations discover less than half of the data breaches that occur, while detection is essential for protecting data properly. It only takes a few minutes – or even just a few seconds – for someone with criminal intent to penetrate a system. This means that the data is often stolen in no time at all. However, as the report shows, it often takes months before an organization detects a data breach. Also, security specialists are not always the first to discover a data breach: it is often discovered by ordinary employees or the public prosecutor’s office.
To improve monitoring, organizations may use a security operating center. Larger organizations often have such teams in-house, but for many businesses it will be more attractive to outsource this to a specialized party. This gives them access to advanced analysis and response capabilities, well-trained staff and the most up-to-date technologies.
Many organizations no longer see cyber security and the protection of sensitive data as a minor matter. If they want to keep the trust of customers and shareholders in the long term, they need to think carefully about cyber security issues and be ready to respond proactively. So what can you do to protect your company from data breaches? Although there is no one-size-fits-all solution, the most important first step is to make an inventory of what types of data are kept where in your organization. In addition, you need to monitor what is going on. Unless you have a good pair of eyes in your network, you run the risk of detecting breaches late, or not at all. It is also important to make employees more aware of the need to protect sensitive data. In short, “Play it safe and never lose sight of your data!”
Read more about Accenture’s High Performance Security Research from 2016.