Why data breaches keep happening

Data breaches remain prevalent in the enterprise. Learn what companies are doing right—and wrong—when it comes to prevention.

Why business can't keep the public safe from data breaches Cyber-threats pose an existential challenge, says RedSeal CEO Ray Rothrock.

In my 26 years working as an IT professional I've been fortunate to steer clear of a major data breach, which has adversely impacted my workplace either from a financial or reputational standpoint. 

I've had some close calls: One organization had a proxy server hacked and used to send spam emails and another had an external Google account compromised. Fortunately, in both cases the threat was minimal, and no actual breach of confidential information occurred.

SEE: Windows 10 security: A guide for business leaders (Tech Pro Research)

However, I can't claim any special exemption from the threat; some days it's a matter of skill, luck, or largely both.

I spoke to Matthew Honea, director of cybersecurity for Guidewire Cyence Risk Analytics, a software-as-a-service provider based in California, to discuss the latest data breaches.

Latest data breach trends

Scott Matteson: What's the latest news in the data breach space?

Matthew Honea: Data breaches are increasingly more common—61% of IT professionals have experienced a serious data breach. This growth is largely attributed to increased reliance on technology, which increases a company's vulnerability, and hackers are rapidly adapting to new trends. Hackers use a variation of methods—such as data mining and AI—and target a range of entryways, from the cloud to appliances to access data.

As new technologies such as 5G and broader IoT capabilities come to light, concerns about how this will further enable cyber risks are emerging. While these advancements provide significant business advantages, they also require new and advanced security protocols to address the escalated breach methods they foster.

What companies do wrong

Scott Matteson: What are companies doing wrong?

Matthew Honea: Lagging education around risk. According to IBM, 27% of data breaches are caused by human error, meaning more than a quarter of breaches could have been easily prevented with better education. This is seen across all levels of experience, as many companies still lack the proper protocol and protections to help mitigate risks for them and their customers. For example, Hiscox found that 27% of US companies do not have plans to purchase cyber insurance. 

Additionally, companies lack reporting standards that could help provide insights into how breaches occurred. While tighter regulation across the country and markets would help improve total standards, that will take time. In the meantime, companies should work closely with insurers, and other relevant parties to provide as much insight as possible so that all involved have a better understanding of what is needed to protect themselves.

SEE: 10 dangerous app vulnerabilities to watch out for (TechRepublic download)

What companies do right

Scott Matteson: What are companies doing right?

Matthew Honea: Companies are increasingly more aware about data breaches and their risk. For example, we have seen cyber insurance gain traction in purchasing following the fallout of larger attacks like the Marriott breach. 

Ultimately, understanding data matters. It is not only critical to have data; it must be used. Companies need to analyze data, determine what it means, and how to use it. Understanding breached data has a huge impact in severity modeling and determines good models from faulty ones, as recent attacks such as the one on Norsk Hydro have shown.

Lingering problems

Scott Matteson: What problems still linger?

Matthew Honea: Human error continues to be a factor, as does the lack of understanding of risks by leaders and executives. Companies need to understand that they cannot remain stagnant on the issue, particularly as hackers continue to evolve.

Additionally, companies are not taking proper steps to protect their information. For instance, encryption can prevent discovered data from being stolen. Yet, only 41% of companies have an encryption strategy in place according to Thales..

Finally, companies need to embrace reporting breaches. While many avoid reporting due to the perceived negativity around news coverage, this is also related to an overall lack of general understanding around varying levels of breaches and how common they truly are. We need to break the silence to better educate.

Scott Matteson: What problems are new?

Matthew Honea: Technological advances create new risks. Adoption of IoT devices allow even refrigerators to be hacked to gain access to a company's data records. As 5G pushes forward, attacks will become more frequent as we become more connected. Additionally, as cloud providers increasingly grow in scale, and more companies share cloud servers to save money, the risks of the cloud being hacked could put many companies at risk on an unprecedented scale.

SEE: Encryption: A guide for business leaders (free PDF) (TechRepublic)

Scott Matteson: What problems do you foresee in the future?

Matthew Honea: New methods of hacks will continue to be found, as new technologies are utilized. Along with that, companies will continue to adopt new technologies quickly without fully understanding the risks, and properly preparing for it. IoT specifically carries a huge amount of risk and is growing at a staggering rate. It is critical that companies conduct a full risk assessment and implement strict protocol before jumping on any new trend.

Scott Matteson: How are governments/law enforcement agencies handling this?

Matthew Honea: Governments continue to propose new reporting procedures, with Ohio and South Carolina passing legislation to improve processes. All forms of government, from local to federal, needs to continue pursuing legislation to help the public and enterprises gain more knowledge around cyber-attacks and how best to prepare for them.

Law enforcement agencies also need to improve reporting time so that an attack can be addressed faster, lessening the chance that it will spread or be repeated.

Also see

Cyber security breach concept

Image: Getty Images/iStockphoto

By Scott Matteson

Scott Matteson is a senior systems administrator and freelance technical writer who also performs consulting work for small organizations. He resides in the Greater Boston area with his wife and three children.