by Jasmine Chennikara-Varghese
The 2018 Verizon Data Breach Investigation Report (DBIR), which was recently released, reminds us that security is an ongoing challenge against evolving attack vectors and threats. It also acts as an advisory to continually monitor and improve safeguards on critical data, no matter the size of the organization.
Here are five insights from the Verizon DBIR to better secure your data and avoid becoming the next victim of a data breach
- Ransomware was cited as the top cyber security threat and was the most common attack vector for malware-related breaches. Ransomware is now not only encrypting employee laptops and desktops but can also propagate into the larger cyber landscape to encrypt data on critical business systems and databases. This means security and application teams need to more proactively manage access to those critical systems, keep patches up-to-date to mitigate vulnerabilities and schedule frequent and secure backups.
- Personally Identifiable information (PII) data seems to be a top target with 36% of breaches involving such data. Payment card and banking information were subject to breaches in 34% and 13% of the cases, respectively. With the onset of GDPR regulations, it becomes more important than ever for organizations that operate globally to become more proactive in protecting personal data for both customers and employees.
- In the healthcare sector, breaches have increased by 81% and ransomware was the culprit for 85% of all data breaches involving malware. Unlike in other sectors, insider threat is a higher risk than external attackers for healthcare. DBIR reports show that an insider threat accounts for half of the breaches, mainly through using existing privileges in a manner that is unauthorized and/or outside defined policy. Improved automated processes for privileged access and more widespread use of multi-factor authentication can better safeguard healthcare data. In addition, security and data owners need to ensure that a least privileged access approach is used and applications are continuously monitored for anomalous access and activities.
- Stolen credentials and privilege abuse are among the top five action varieties in data breaches. Here administrative accounts are an attractive target to threat actors since these accounts typically have full or highly privileged access to the system settings, configurations, master data, user authorizations and sensitive data. When oversight and continuous tracking of admin access and activity are lacking, these accounts provide attackers a foothold into your business critical systems. An established, automated user provisioning process, with access request, review and approve workflows and user privilege auditing along with user activity monitoring provides privileged access control and visibility into the usage of those admin accounts, whether it is for routine operations or emergency access. This accelerates detection and prevention of malicious behaviors or human error that could result in a data breach.
- Small businesses accounted for 58% of breaches. These organizations with limited technical resources, budget and technology have gotten the brunt of attacks, most likely because threat actors perceive them as easy targets. Putting in place even basic cyber hygiene measures such as diligent patching to reduce their vulnerability footprint, granting user access with least privilege approach and using multi-factor authentication along with proactive monitoring of all user activities can prevent and mitigate attacks and breaches.
Greenlight solutions surface the real-time cyber posture of access and actions on critical data in your ecosystem. Greenlight offers user provisioning and user privilege auditing as well as expanded visibility into application and transaction level security to manage business activities which involve sensitive data while also adding the right business context to help the IT, Application and Business teams rapidly identify and mitigate the data breach events. Learn how you can improve your safeguards with Greenlight and avoid becoming the next victim of a data breach… and another statistic in the Verizon DBIR.