Definition: A data breach is a cyber-attack in which sensitive or confidential data has been accessed or disclosed to an unauthorised individual or software system.
Data breaches normally come in the form of exposed customer credit card numbers, corporate data, source code or peoples’ medical histories. When this occurs, the organisations responsible as custodians of this data are said to have suffered a data breach.
Due to the proliferation of digital devices, a lot of data now finds its way into the hands of businesses. Cloud computing has made information readily available and businesses seek to use that information to improve their processes as well as to better serve their customers. Unfortunately, malicious actors seek out vulnerabilities within these organisations in order to gain access to the business’s systems. There are several types of information they may access and exploit:
- Financial data—such as credit card numbers, bank details, tax forms, invoices, financial statements
- Medical or Personal Health Information (PHI)—as defined in the US HIPAA standard, “information that is created by a health care provider [and] relates to the past, present, or future physical or mental health or condition of any individual”
- Personally Identifiable Information (PII)—information that can be used to identify, contact or locate a person
- Intellectual property—such as patents, trade secrets, blueprints, customer lists, contracts
- Vulnerable and sensitive information (usually of military or political nature)—such as meeting recordings or protocols, agreements, classified documents
The price organisations pay for a data breach goes beyond what initially meets the eye. If a data breach results in a violation of government or industry compliance mandates, the offending organisation can face fines, litigation and even loss of the right to operate the business. Beyond material costs such as attorney fees, there are intangible costs such as damage to brand reputation and reduced trust by customers and partners.
Data breaches are particularly difficult to deal with because they can emanate from anywhere. Common vulnerable points include:
- Weak login credentials
- Social engineering scams
- Malware or ransomware
- Lost or stolen hardware (laptops, hard drives, mobile devices)
- Lack of access controls
- Back doors
- Insider threats
- User errors
A malicious actor normally goes through the same cycle of starting off by identifying potential targets. This may be organisations themselves or specific members of the organisation. The attacker then gains access to the organisation’s network. Some attackers may act immediately whilst others may stealthily remain in the network collecting sensitive information over a period of time. Lastly, the attacker transfers the sensitive data outside the organisation’s network, and either uses the data for personal gain, resells it on the black market, or contacts the organisation to demand ransom.
Only a comprehensive approach to data security will suffice as one mistake is one mistake too many. Imperva’s industry-leading data security solution protects against data breaches, ensuring your data is secure regardless of wherever it lives—on premises, in the cloud and in hybrid environments. It also provides security and IT teams with full visibility into how the data is being accessed, used, and moved around the organisation.
This comprehensive approach relies on adopting multiple layers of protection that encompass the following:
Database firewall—blocks SQL injection and other threats, while evaluating for known vulnerabilities.
User rights management—monitors data access and activities of privileged users to identify excessive, inappropriate, and unused privileges.
Data masking and encryption—obfuscates sensitive data so it would be useless to the bad actor, even if somehow extracted.
Data loss prevention (DLP)—inspects data in motion, at rest on servers, in cloud storage, or on endpoint devices.
User behaviour analytics—establishes baselines of data access behaviour, uses machine learning to detect and alert on abnormal and potentially risky activity.
Data discovery and classification—reveals the location, volume, and context of data on premises and in the cloud.
Database activity monitoring—monitors relational databases, data warehouses, big data and mainframes to generate real-time alerts on policy violations.
Alert prioritisation—Imperva uses AI and machine learning technology to look across the stream of security events and prioritise the ones that matter most.
It is through this approach and a collective of other cybersecurity best practices that an organisation can continue to safeguard its most sensitive data against the ever present threat of a data breaches.
Need to know more about how to protect your organisation? Contact DataGroupIT to explore the most suitable solutions for your digital ecosystem.
DataGroupIT is Africa’s leading Value-Added Distributor (VAD). By partnering with the best selection of established and emerging technology vendors across the globe, we, provide complex solutions for any size business, including Enterprise and SME markets across the African continent.
Our product portfolio offers comprehensive solutions for IT Security, Infrastructure and Enterprise Software.
We are fully committed to our business partners. Channels & vendors success is our #1 mission. Our professional teams across Africa deliver exceptional sales, presale, logistic, marketing and financial support that create the ultimate platform to accelerate our business partners’ success.
Contact Us today to find out more