Welcome to IT-Branschen – The Channel for IT News, Cybersecurity and Digital Trends

For Companies, Suppliers and Decision Makers in the IT Industry

Digital strategy and insights for decision-makers in the IT industry

Subscribe

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
Subscribe
Facebook Twitter Instagram LinkedIn Pinterest
Contact us

Loss of personnel records more noticeable than customer data

IT industrybyIT industry
January 29, 2024
Data protection day 2024 Data protection day 2024
Data protection day 2024

Data breaches can happen in any organization. In a new report from the Ponemon Institute commissioned by security firm Barracuda Networks, just under half, 48 percent, of the organizations surveyed in five countries around the world say they have experienced a data breach in the past year. According to the survey, the loss of financial information is the most noticeable. In second place is the loss of personnel records. In third place is the loss of customer data.

“Effective cybersecurity requires support from senior executives. If the consequences of a data breach are known, security is given higher priority. Research also shows that not all data loss poses the same business risk. This allows companies to focus their security resources on their specific risk areas,” comments Peter Graymon at Barracuda Networks.

Peter Graymon Barracuda
Peter Graymon Barracuda

Losing employee information hurts many people.


January 28th was Data Protection Day – a reminder to review your company’s security practices. Data privacy is about deciding who has access to information, and data protection is about protecting that information. A data breach affects both.

Advertisement

Financial data tops the list of information that would be most noticeable to lose in the survey, with 43 percent of respondents citing it as one of the top two data losses.

The loss of personnel records has the second largest impact overall (according to 37 percent of survey participants). The margin to third place with customers' personally identifiable information (36 percent) is small, but is higher for those largest organizations surveyed (40 percent). This may reflect the fact that organizations often have more detailed, sensitive and confidential information about their employees than about their customers. Something that can be misused by attackers for the purpose of, for example, blackmailing or recruiting malicious insiders.

The loss of intellectual property rights has a greater impact on smaller (30 percent) than larger companies (21 percent), possibly because smaller companies rely heavily on IP for competitive advantage.

Four root causes of data breaches


The study shows the root causes of data breaches and reveals how widespread they are digital attack surfaces has become, with many weaknesses that can expose networks and data.

The data breach occurs primarily for four different reasons:

  • An employee or contractor's activity, either through negligence (a root cause in 42 % of the violations) or malicious act (39 %)
  • IT security review – including unpatched vulnerabilities (34 %), errors in the system or operational process (41 %)
  • Third party error (45 %)
  • External hacking – (34 %), phishing (39 %) and viruses or other malicious code (49 %)

Prepare today for an attack tomorrow


If roughly one in two companies experienced a data breach in the past year, it's not far-fetched to assume that all organizations will eventually experience a data breach. If nothing else, you should act as if that were the case.

– Start by getting the groundwork right. This means having an authentication and access strategy, with multi-factor authentication as the standard and ideally moving towards a Zero Trust solution. Your IT infrastructure should have a deep, AI-driven security technology that covers all parts and entry points that can be attacked, from computers and mobile to APIs, cloud services and more, continues Peter.

– Ideally, you should also hire security experts and get 24/7 monitoring to be able to respond to, mitigate and neutralize all threats in time. And not least, continuously back up your data. Make sure that all backup data is encrypted. Use the 3:2:1 method – three backup copies, with two different media, one of which is physically stored in a different location, concludes Peter Graymon.

At the same time, no amount of action is enough unless employees are engaged and educated. All employees need to understand why cybersecurity matters, stay up-to-date on the latest threats and scams to watch out for, and know exactly what to do if they spot something suspicious.

The international research report was conducted by the Ponemon Institute on behalf of Barracuda to explore the security challenges and financial impact of data breaches faced by organizations with 100 to 5,000 employees. Ponemon surveyed 1,917 IT security practitioners in the United States (522), the United Kingdom (372), France (329), Germany (425), and Australia (269) in September 2023. The full report can be downloaded here: Cybernomics 101

Share
Share
Pin it
Tweet
Share
Share
IT industrybyIT industry
Published

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
convendum banner
Advertisement

READ MORE