Threats to your data are virtually everywhere these days, and too often, data compromises seem almost inevitable. But with a proactive approach to data security, organizations can fight back against the seemingly endless waves of threats.
IBM Security X-Force found that the most common threat against organizations is extortion, which comprised more than a quarter (27%) of all cybersecurity threats in 2022. Thirty percent of those incidents occurred in manufacturing organizations. Malware attacks via backdoors made up 21% of all incidents, and 17% were ransomware attacks. For the 12th year in a row, the average cost of a breach was highest in the US healthcare industry, at $10.10 million.
Data protection and data privacy
Data protection, defined as protecting important information from corruption, damage or loss, is critical because data breaches resulting from cyberattacks can include personally identifiable information (PII), health information, financial information, intellectual property and other personal data. Data breaches can be disastrous for organizations. But the loss of personal information in a data breach can also have significant consequences on an individual, including financial loss, identity theft, other fraud, emotional distress and even damage to reputation.
Closely related to data security, and an integral part of taking a proactive stance toward it, is data privacy: how data is stored, accessed and secured against improper access, theft or other loss. The healthcare industry illustrates why data privacy matters: confidential patient information must be protected both to maintain patient trust and to comply with regulations.
Staying on top of data security to keep ahead of ever-evolving threats
Data security is the practice of protecting digital information from unauthorized access, corruption or theft throughout its entire lifecycle. It refers to the processes and tools used to safeguard a corporation’s data across all platforms and applications—both on-premises and in cloud computing—from unauthorized access, corruption, accidental disclosure, modification and loss.
The key to securing data is maintaining its confidentiality, integrity and availability (CIA) throughout its lifecycle. This applies to trade secrets and any other sensitive information the organization holds.
A comprehensive data security strategy includes people, processes and technology. It means physically securing servers and user devices, managing and controlling access, securing and patching applications, maintaining thoroughly tested, usable data backups and educating employees. But it also means having a comprehensive set of threat management, detection and response tools and platforms that protect sensitive data across today’s hybrid cloud environments.
Where do data breaches originate?
It’s important to remember that sensitive data needs to be protected from both insider and outsider threats. Outsiders can include lone hackers and cybercriminals who can belong to a criminal group or a nation-state-sponsored organization. Threats can come in the form of destructive malware, phishing or ransomware.
Insider threats include current and former employees, customers or partners, and accidental breaches by employees. One such breach occurred in May 2022, when a departing Yahoo employee allegedly downloaded about 570,000 pages of Yahoo’s intellectual property (IP) just minutes after receiving a job offer from one of Yahoo’s competitors. In 2021, a Dallas IT employee was fired for accidentally deleting 15 terabytes of Dallas police and other city files.
Best practices for proactive data security
Good cybersecurity practice means protecting your information in many different ways and from many angles. Here are some data security measures that every organization should strongly consider implementing.
- Define sensitive data. Implement data classification based on how sensitive and valuable it is. That tells you which data must be protected from unauthorized access to prevent harm to individuals and businesses.
- Establish a cybersecurity policy. Create a plan that lays out your organization’s statement of intent, principles and other approaches to cybersecurity.
- Create an incident response plan: a written document that details how you will respond before, during and after a suspected or confirmed security incident.
- Consider the increased use of personal computers, tablets and other mobile devices. Such mobile devices increase risk because they are authenticated and authorized in different ways and introduce new endpoints that need protection from cyber threats.
- Use dedicated data security software. An integrated data protection system can protect your assets by monitoring them, automating access control, setting up notifications, and auditing your password management.
- Put into place data protection tools such as data encryption algorithms, key management, redaction, data masking and erasure, and data resiliency. These tools guard against cybercriminal activity, insider threats and human error.
- Require strong passwords. Strong passwords are your company’s first defense in protecting data and customer information. Make sure you have a strong corporate password policy.
- Consider biometric technology, which verifies physical characteristics to identify individuals.
- Protect data with full, differential and incremental backups stored in different locations, so that you know you can restore critical data after a loss; this is a core part of data loss prevention (DLP).
- Use external and internal firewalls to protect against any type of cyberattack.
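The first two items above, classifying data by sensitivity and then masking or redacting it, are easier to reason about with a concrete scanner. The following is an added example written for this article, not code from IBM or from any product it mentions. It assumes three constructed detectors (email addresses, US-style SSN-shaped numbers, and payment card numbers validated with the Luhn checksum so that arbitrary digit runs are not flagged) and assigns each record one of three made-up classification levels before masking what it found.

```python
import re

# Constructed detectors for this example. Real classification schemes
# carry many more patterns and are tuned to the organization's own data.
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")          # US SSN shape: 123-45-6789
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")      # 13-19 digits, optional separators


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: true for well-formed card numbers, false for random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_cards(text: str) -> list:
    """Return card-shaped tokens that also pass the Luhn check (cuts false positives)."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            hits.append(m.group())
    return hits


def classify(text: str) -> dict:
    """Assign a constructed sensitivity level based on the most sensitive element found."""
    findings = {
        "card": find_cards(text),
        "ssn": SSN_RE.findall(text),
        "email": EMAIL_RE.findall(text),
    }
    if findings["card"] or findings["ssn"]:
        level = "restricted"      # financial / government identifiers
    elif findings["email"]:
        level = "confidential"    # ordinary PII
    else:
        level = "internal"
    return {"level": level, "findings": findings}


def mask(text: str) -> str:
    """Redact sensitive elements, keeping only what is needed to recognise a record."""
    for card in find_cards(text):
        digits = re.sub(r"[ -]", "", card)
        text = text.replace(card, "*" * (len(digits) - 4) + digits[-4:])
    text = SSN_RE.sub(lambda m: "***-**-" + m.group()[-4:], text)
    text = EMAIL_RE.sub(lambda m: m.group()[0] + "***@" + m.group().split("@", 1)[1], text)
    return text


if __name__ == "__main__":
    # Constructed sample records (fictional values; 4111 1111 1111 1111 is a
    # standard test card number, not a real account).
    for record in [
        "Customer alice@example.com paid with 4111 1111 1111 1111",
        "Contact: bob@example.org",
        "Quarterly roadmap notes",
    ]:
        result = classify(record)
        print(f"{result['level']:<12} {mask(record)}")
```

Run it to see each record labelled and masked in one pass; a classifier like this is typically the first stage feeding the access rules, encryption and DLP tooling the article lists, since those controls need to know which data is restricted before they can protect it.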
Monitoring your users and who can access what data is also important.
- Monitor user activity to protect overall security.
- Limit access to critical assets to only those employees who need it. A common data management error is making sensitive data available to the entire organization.
- Closely monitor users with increased access to view and alter sensitive data. It makes sense to keep tabs on users who can access your more private and essential data.
- Conduct regular reviews and remove permissions and authentications from employees who no longer need them. Ensuring that permissions are removed when no longer needed lessens the security risk.
- Manage third-party-related risks. These include vendors, contractors and other outside individuals with access to your organization’s data.
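The four points above (restrict access to those who need it, watch privileged users, review and remove permissions, and manage third-party access) are what a periodic access review actually checks. Below is an added example, not IBM code or a product feature, that runs such a review over a constructed HR roster and a constructed list of access grants. It assumes a fictional data model: each grant names a principal (a user or a group), the resource, that resource's classification, and when the grant was last used; the roster records whether each person is active and, for contractors, when their contract ends.

```python
from datetime import date, timedelta

# Constructed sample data for this example (fictional people and systems).
ROSTER = {
    "alice": {"status": "active", "type": "employee"},
    "bob":   {"status": "terminated", "type": "employee"},
    "carol": {"status": "active", "type": "contractor", "contract_end": date(2023, 1, 31)},
}

GRANTS = [
    {"principal": "alice",     "resource": "payroll-db",    "classification": "restricted",   "last_used": date(2023, 3, 1)},
    {"principal": "bob",       "resource": "payroll-db",    "classification": "restricted",   "last_used": date(2023, 2, 20)},
    {"principal": "all-staff", "resource": "payroll-db",    "classification": "restricted",   "last_used": date(2023, 3, 10)},
    {"principal": "carol",     "resource": "vendor-portal", "classification": "confidential", "last_used": date(2023, 1, 15)},
    {"principal": "alice",     "resource": "archive-share", "classification": "internal",     "last_used": date(2022, 6, 1)},
]

BROAD_GROUPS = {"all-staff", "everyone"}   # groups that amount to "the whole organization"
STALE_AFTER = timedelta(days=90)           # review threshold, an assumption for this example


def review_grants(grants, roster, today, stale_after=STALE_AFTER):
    """Return (principal, resource, reason) for every grant the review should act on.

    Checks are ordered from most to least severe; each grant gets at most one reason.
    """
    findings = []
    for g in grants:
        p = g["principal"]
        # Sensitive data exposed to the entire organization via a broad group.
        if p in BROAD_GROUPS:
            if g["classification"] != "internal":
                findings.append((p, g["resource"], "broad group on sensitive data"))
            continue
        person = roster.get(p)
        if person is None:
            # Orphaned account: nobody in HR owns it, so nobody will deprovision it.
            findings.append((p, g["resource"], "unknown principal"))
            continue
        if person["status"] != "active":
            findings.append((p, g["resource"], "principal no longer active"))
            continue
        contract_end = person.get("contract_end")
        if contract_end is not None and contract_end < today:
            # Third-party access that outlived the engagement.
            findings.append((p, g["resource"], "third-party contract ended"))
            continue
        if today - g["last_used"] > stale_after:
            findings.append((p, g["resource"], f"unused for more than {stale_after.days} days"))
    return findings


def privileged_principals(grants, roster):
    """Active people holding restricted access: the set to monitor most closely."""
    return sorted({
        g["principal"] for g in grants
        if g["classification"] == "restricted"
        and roster.get(g["principal"], {}).get("status") == "active"
    })


if __name__ == "__main__":
    today = date(2023, 3, 15)
    for principal, resource, reason in review_grants(GRANTS, ROSTER, today):
        print(f"REVOKE? {principal:<10} {resource:<14} {reason}")
    print("monitor closely:", privileged_principals(GRANTS, ROSTER))
```

Running the review with the constructed data flags the departed employee, the group grant that exposes restricted data to everyone, the contractor whose engagement has ended, and a grant alice has not used in nine months, while leaving her current payroll access alone. Feeding this from the HR system rather than a static dictionary is what turns a one-off audit into the regular review the article recommends.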
Another critical area is making sure you take care of your platforms, computers and records, both current ones and those you are disposing of.
- Educate employees about digital safety, including two-factor or multi-factor authentication. In addition to setting up corporate security policies, ensure your employees understand what they are and how to follow them. Make sure they recognize phishing and other cybersecurity threats.
- Secure databases in the physical data center, big data platforms and the cloud. Know what practices, policies and technologies will protect your databases, wherever they are located.
- Dispose of old computers and records securely. Don’t throw your private data away with your machines. Sanitize computers for data erasure and destroy all records.
Regulatory compliance efforts are just a start
Amid growing public concern about data privacy, governments worldwide are introducing stringent compliance regulations. Current approaches to data privacy and data protection are mostly reactive, which can place an onerous burden on compliance officers as current regulations evolve, new industry regulations are introduced, and the penalties of non-compliance continue to rise.
Organizations in highly regulated industries must maintain strong data security to comply with data protection regulations. For instance, the California Privacy Rights Act (CPRA) protects the privacy rights of California consumers, and the Health Insurance Portability and Accountability Act (HIPAA) applies to US healthcare organizations. The PCI Data Security Standard (PCI DSS) helps businesses that accept credit cards to process, store and transmit card data securely.
There are many reasons it’s vital to be proactive about keeping data safe. The threat of data breaches or losses, failed audits or regulatory compliance failures can not only damage an organization’s reputation and compromise intellectual property, but also bring about substantial fines. For instance, data breaches under the EU’s General Data Protection Regulation (GDPR) can cost an organization up to 4% of its global annual revenue or 20 million euros, whichever is more.
Fines for not complying with data privacy laws can also be steep in the US. Violating HIPAA Privacy Standards can bring fines ranging from $1,000 to $50,000 per violation. The Federal Trade Commission (FTC) can assess penalties of up to $40,000 per violation of the FTC Act or the Children’s Online Privacy Protection Act (COPPA), with each day of non-compliance counting as a separate violation and fine.
Yet, facilitating compliance is challenging as data sets, organizational structures and processes become increasingly complex. For example, much of today’s data resides across a hybrid multicloud environment, on-prem and in multiple clouds and data lakes.
The cost of data breaches: Why a proactive approach matters
Companies need to get proactive about data security since a breach can be disastrous for their bottom line. In 2022, it took an average of 277 days to identify and contain a data breach. But if organizations could shorten this time to 200 days or less, they could save an average of $1.12 million. Stolen or compromised credentials, the most common type of breach, cost companies $150,000 more than other types of data breaches. They also took the longest time to identify, at 327 days.
Having an open, intelligent approach to accessing, curating, categorizing and sharing data across the enterprise helps strengthen compliance and also enables more insightful, data-driven decision making. The more you know and protect your sensitive data, the better you can use that data in new projects and increase your organization’s innovation.
Data security solutions and IBM
The automated data governance capabilities in IBM data fabric solutions ensure a required level of privacy is enforced as sensitive data is consumed within key endpoints across a distributed data landscape. By combining data fabric and data security, organizations can ensure their data remains compliant and secure, and their networks are protected.
As an organization’s data footprint expands across various environments, partners and endpoints, the threat landscape also expands. Cybercriminals seeking to exploit security vulnerabilities put sensitive and valuable information at risk. It’s vital to confidently protect data, which is a critical foundation of every business operation.
Data security solutions, whether implemented on-premises or in a hybrid cloud, help organizations gain greater visibility and insights into investigating and remediating cybersecurity threats, enforcing real-time controls and managing regulatory compliance.
IBM Security Guardium offers a comprehensive solution of products designed to help clients protect sensitive data, preserve privacy and address compliance throughout the data security lifecycle.