Five Common Causes of Data Breaches

“Data loss” and “data breach” are the most dreaded terms for any business, which stands to lose Intellectual Property (IP), incur financial losses, and lose goodwill and reputation. The threat of a data breach haunts all industries across verticals. The danger has increased now that businesses are getting used to the so-called “New Normal” of hybrid work-from-home/work-from-office models.

According to an IBM report [1], the cost of data breaches hit a record high ($4.24 million per incident) during the pandemic phase.

To prevent data breaches, we must first understand what causes them. In this blog, let’s analyze five of the most common causes of data breaches worldwide.

Human Error

Research [2] conducted by Stanford University in collaboration with a significant cybersecurity organization found that human error continues to be the top contributor (88%) to overall data breaches. Here are some common ways your employees can spill the beans.

  • Poor password hygiene: Most employees are notoriously careless regarding password management. In fact, many employees are known to use the word “password” itself as a password. Further, using a password for an extended duration, writing it down, and sharing it with colleagues and managers substantially increases the risk of a data breach.
  • A misdirected email: Let’s admit it! Most of us do this at least once in our lifetimes. We intend to send that confidential report to John Smith, but we end up sending it to Jon Smith, who’s a consultant or vendor. Now that the data is out of the organization and lies with an unintended recipient, you’ve simply lost control of it.
  • Forgetful employees: You may have deployed an email security solution that requires senders to apply security manually to sensitive emails. Will they remember every time? Highly unlikely! Relying on employees to manually add protection to emails is inherently risky. While you may be worried about data security, all your employees may not share your concern on this subject.
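
The misdirected-email case above (John Smith versus Jon Smith) can be caught before sending by comparing external recipients against the internal address book. The following is an added example, not part of the original post; the domain, the directory contents, and the function names are assumptions made for illustration.

```python
from email.utils import parseaddr

ORG_DOMAIN = "example.com"  # assumption: the sender's own mail domain

# Constructed internal directory (assumption: exported from the address book)
INTERNAL_DIRECTORY = {
    "john.smith@example.com",
    "priya.nair@example.com",
}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def flag_recipients(recipients, directory=INTERNAL_DIRECTORY,
                    org_domain=ORG_DOMAIN, max_distance=2):
    """Return (external_recipient, internal_lookalike) pairs that should
    trigger a confirmation prompt before the message leaves the organization."""
    findings = []
    for raw in recipients:
        _, addr = parseaddr(raw)          # strips any display name
        addr = addr.lower()
        local, _, domain = addr.partition("@")
        if not domain or domain == org_domain:
            continue  # internal or unparseable: out of scope for this check
        for known in sorted(directory):
            known_local = known.split("@", 1)[0]
            # A near-identical name at an outside domain is the risky case.
            if edit_distance(local, known_local) <= max_distance:
                findings.append((addr, known))
                break
    return findings
```

A mail gateway or client add-in would call `flag_recipients` on the To/Cc/Bcc list and ask the sender to confirm each flagged pair.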

Insider Threat

First, let’s define an insider. An insider could be your former employee, consultant, vendor, or partner with legitimate access to your network and data. Because insiders hold legitimate keys to the kingdom, insider threats are challenging to detect. It takes only one rogue employee to cost you millions of dollars and your reputation.

The pandemic has fuelled the possibility of insider threats. According to a report [3], 81% of the global workforce of 3.3 billion people have had their workplace wholly or partly closed. The distress caused by layoffs, furloughs, and pay cuts combined with reduced visibility of IT and security teams in the work-from-home environment is a perfect recipe for a rogue employee to perpetrate a security breach.

Let’s look at a couple of recent incidents where friends turned foes.

  • In December 2020 [4], a former employee of Cisco accessed the company’s systems without authorization and deployed malware that cost the company more than 2 million dollars in damage.
  • In 2015 [5], a Google employee stole several trade secrets from its self-driving car program to start his own venture. The stolen data included diagrams, source code, videos, PDFs, etc.

Poor Access Control

Proper permissions given to the right people can save you from a potential data breach on most occasions. However, there are some inherent challenges in the currently used access management models, and they can be challenging to navigate.

Let’s discuss the example of ECMs. Most ECMs allow you to set folder-level permissions, and everyone who has access to a specific folder gets access to all documents in it, along with some documents that may not be meant for everyone. Furthermore, the security and permissions of the ECMs do not get passed on to the downloaded copies.

In large organizations, several employees quit, join, or get transferred to other departments every day. Revoking permissions of former employees as soon as they leave, assigning permissions to new joiners, and changing permissions for transferred employees can be a colossal admin overhead.
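
The joiner, mover, and leaver overhead described above can be reduced by reconciling folder grants against the HR roster on a schedule. This is an added example, not part of the original post; the roster, the ACL export format, and the rule that access follows the owning department are assumptions made for illustration.

```python
# Constructed HR roster: user -> current department, None once they have left.
HR_ROSTER = {
    "asha": "finance",
    "bruno": "engineering",   # transferred out of finance
    "carol": None,            # left the company
    "dmitri": "finance",      # new joiner, no grants yet
}

# Constructed folder ACLs as an ECM export might list them (assumed format):
# folder -> (owning department, users currently granted access)
FOLDER_ACLS = {
    "/finance/payroll": ("finance", {"asha", "bruno", "carol"}),
    "/engineering/design": ("engineering", {"bruno", "erin"}),
}

def reconcile(roster, acls):
    """Compare folder-level grants with the HR roster.

    Returns a sorted list of (action, user, folder, reason) tuples that an
    administrator or provisioning job would then apply.
    """
    changes = []
    for folder, (dept, members) in acls.items():
        # Grants that should no longer exist.
        for user in members:
            if user not in roster:
                changes.append(("revoke", user, folder, "unknown to HR"))
            elif roster[user] is None:
                changes.append(("revoke", user, folder, "left the organization"))
            elif roster[user] != dept:
                changes.append(("revoke", user, folder, "transferred out of " + dept))
        # Grants that are missing for current department members.
        for user, user_dept in roster.items():
            if user_dept == dept and user not in members:
                changes.append(("grant", user, folder, "joined " + dept))
    return sorted(changes)
```

Because the grants are still folder-level, a clean reconciliation does not address the other point made above: everyone in the folder sees every document in it, and downloaded copies carry no permissions.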

Sole Reliance on DLP and CASB Solutions

Enterprises have relied extensively on traditional security solutions such as Data Loss Prevention (DLP) and Cloud Access Security Brokers (CASB) to identify and monitor internal threats. They can even stop sensitive data from leaving the enterprise perimeter. However, relying solely on these solutions can turn fatal. For example, DLP can’t prevent data leaks when running only in “monitoring” mode.

Furthermore, legacy DLP solutions usually work with structured data. However, most of the data today is unstructured and, therefore, ignored by DLP. According to a report by IDC [6], 80 percent of your data will be unstructured by 2025.

Increasing Use of Mobile Devices

In recent years, enterprises have encouraged employees to use their mobile devices for work and have detailed BYOD policies. The number of people using their personal mobile devices for work has increased rapidly during the work from home phase, and it’s expected to grow with the prevalent hybrid models of work.

Although using mobile devices is known to increase productivity, it comes with a host of security challenges. Enterprise-class malware, mobile botnets, outdated or rogue apps, use of public internet services, and device loss or theft are known to cause data breaches on such devices. According to Verizon’s Mobile Security Index [7] report, one in three organizations suffers data breaches from mobile devices.

You Need Data-Centric Security

While there are several other ways to experience a data breach, the ones listed above are the most common ones. Irrespective of the nature of the threat, there’s always a way to protect your data, even when stolen or leaked accidentally. Along with the security measures you’ve deployed, data-centric security could be a game-changer.

With data-centric security, you protect what’s most important – the data! Even if a malicious attacker, a rogue insider, human error, or poor mobile device security causes a data breach at the perimeter, your data will continue to be protected wherever it goes. Only authorized people will be able to access your data based on the permissions they’ve been assigned.

Watch this video to understand how Seclore’s data-centric security can protect your organization from data breaches: Understanding Data-Centric Security.

Resources:

  1. https://newsroom.ibm.com/2021-07-28-IBM-Report-Cost-of-a-Data-Breach-Hits-Record-High-During-Pandemic
  2. https://cisomag.eccouncil.org/psychology-of-human-error-could-help-businesses-prevent-security-breaches/
  3. https://www.bbc.com/news/business-52199888
  4. https://www.justice.gov/usao-ndca/pr/san-jose-man-sentenced-two-years-imprisonment-damaging-cisco-s-network
  5. https://www.tessian.com/blog/insider-threats-types-and-real-world-examples/
  6. https://solutionsreview.com/data-management/80-percent-of-your-data-will-be-unstructured-in-five-years/
  7. https://hobi.com/verizon-report-shows-one-in-three-organizations-suffered-data-breaches-due-to-mobile-devices/verizon-report-shows-one-in-three-organizations-suffered-data-breaches-due-to-mobile-devices/
