GRC Viewpoint

Protecting from Data Breaches Requires Prevention Focused Tools

Data breaches have hit an all-time high. The cost of a breach, according to IBM, is a whopping $4.35 million this year. When phishing is the initial attack vector, the average cost rises to $4.91 million; Business Email Compromise attacks cost $4.89 million.

Breach costs have increased by nearly 13% over the last two years, causing 60% of companies to raise their prices to consumers.

In some industries, that number is even higher. In healthcare, for example, the average breach cost is $10.1 million. This was the 12th year in a row that healthcare topped the list. Finance is right behind at $9.23 million.

Data breaches are becoming ever more expensive both in terms of the number of lost records and loss of customer trust. Hackers want this information because it pays. For example, according to a report from Comparitech, a stolen credit card number can go for $17.36 on the dark web. A stolen PayPal account can go up to $197. The real jackpot, though, is medical records. According to Experian, a stolen medical record can go for up to $1,000. In 2020, some 29 million healthcare records were breached. Plus, the average cost of a healthcare-related data breach was $9.23 million, the highest of any industry, and up from $8.13 million in 2020.

According to a study from Ping Identity, 81% of consumers would actually stop engaging with a brand after a breach.

Simply put, data loss prevention is essential in terms of the actual data itself, the cost involved and business reputation.

In order to fully protect against data leakage, enterprises need to implement comprehensive phishing protection and customizable data leakage protection options. Complete data leakage protection will include full suite protection, with DLP policies also applying to collaboration and file-sharing apps.

How, then, can enterprises best do this?

Some 91% of breaches start with email. So the best way to stop data loss is to prevent your cloud accounts from being compromised. That starts with stopping phishing attacks.

Beyond that, implementing data loss prevention technology is critical. This gives admins the ability to inventory records and control how they are shared. And it ensures that sensitive information isn’t disclosed publicly.

A strong DLP program will create and automate universal policies across multiple cloud applications, so as to control how files are shared amongst internal and external users. It’s also important to protect against outside actors. Should a hacker infiltrate the system, a DLP policy that’s already identified and marked files containing confidential, financial and personal information would come in handy. Additionally, watermarking and file retraction can provide audit trails and file controls long after a document has left the organization.

Instead, organizations should choose a comprehensive solution that integrates with all of their existing security; a solution that is customizable and easy to use; a solution that keeps data flowing without it ending up in the wrong hands. It means protecting all places where data lives. If you are protecting data in email but not in collaboration or file sharing, your data is not truly protected.

It’s important to remember that data leakage can happen anywhere. That’s why data leak protection needs to apply to file-sharing apps like Dropbox and Google Drive, and collaboration apps like Slack and Teams. Some good rules of thumb are to create flexible workflows that determine whether the content is quarantined, whether the user is alerted, and/or whether the file is encrypted with IRM. This includes leveraging DLP security tools to detect leaks of sensitive information. When necessary, adding a -classified suffix to the end of confidential messages or files can be helpful for user education.

Finally, some of the biggest losses an organization can incur are through Business Email Compromise attacks. These tend to spoof an executive or partner, often asking for sensitive information or money. One common attack is when a partner organization is hacked; the hacker inserts themselves into an existing email chain and changes the information on an invoice. To help combat that, data leakage rules can play a big role. Utilizing DLP to alert when someone sends an invoice or a credit card number can help finance and security operations teams identify when an invoice is paid that doesn’t match what’s on file, or when it’s paid to someone it shouldn’t be paid to.
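The workflow and alerting rules described in the last two paragraphs can be sketched as a small policy check. This is an added example, not code from the article or from any DLP product: the `evaluate` function, the action names, the vendor table and the sample messages are all hypothetical and constructed for illustration.

```python
import re

# Constructed vendor master data: bank account on file per partner domain.
VENDOR_ACCOUNTS = {"acme-supplies.example": "DE89370400440532013000"}

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")        # 13-19 digits, optional separators
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b")

def luhn_ok(digits):
    """Luhn checksum: filters out order numbers and other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def evaluate(sender_domain, recipient_internal, subject, body):
    """Return the DLP decision for one message (hypothetical policy engine)."""
    reasons, actions = [], []
    cards = [re.sub(r"[ -]", "", m) for m in CARD_RE.findall(body)]
    if any(luhn_ok(c) for c in cards):
        reasons.append("card_number")
        actions.append("alert_user")
        # Assumed workflow: encrypt inside the organization, quarantine if leaving it.
        actions.append("encrypt_irm" if recipient_internal else "quarantine")
    if "invoice" in (subject + " " + body).lower():
        on_file = VENDOR_ACCOUNTS.get(sender_domain)
        # Any account that differs from the one on file (or an unknown vendor) is flagged.
        if any(iban != on_file for iban in IBAN_RE.findall(body)):
            reasons.append("invoice_account_mismatch")
            actions.append("alert_finance")
    if reasons and not subject.endswith("-classified"):
        subject += " -classified"           # visible marker for user education
    return {"subject": subject, "reasons": reasons, "actions": actions}

if __name__ == "__main__":
    # Constructed sample messages.
    print(evaluate("corp.example", False, "Payment details",
                   "Card 4111 1111 1111 1111 exp 12/30"))
    print(evaluate("acme-supplies.example", True, "Invoice 1042",
                   "Please remit to GB29NWBK60161331926819 from now on."))
```

The Luhn check keeps long order or tracking numbers from triggering the card rule, and the invoice rule only fires when the account in the message differs from the one held on file for that sender.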

In today’s business environment, data is a form of currency. Data is used to build better products, to improve processes, to serve customers better. The more data you can obtain and properly deploy, the better off your business will be.

That means keeping your data safe is more essential than ever. Proper processes, education and DLP tools can keep your data safe and in the right hands.

By Jeremy Fuchs, Cybersecurity Researcher / Analyst at Check Point
