Subscribe

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
Subscribe
Facebook Twitter Instagram LinkedIn Pinterest
Contact us

Loss of personnel records more noticeable than customer data

IT industrybyIT industry
January 29, 2024
Data protection day 2024 Data protection day 2024
Data protection day 2024

Data breaches can happen in any organization. In a new report from the Ponemon Institute commissioned by security firm Barracuda Networks, just under half, 48 percent, of the organizations surveyed in five countries around the world say they have experienced a data breach in the past year. According to the survey, the loss of financial information is the most noticeable. In second place comes loss of personnel register. Only in third place comes lost customer data.

– Effective cybersecurity needs support from senior executives. If the consequences of a hacking are known, security is given higher priority. The research also shows that not all data loss poses the same business risk. This allows companies to focus their security resources on their specific risk areas, comments Peter Graymon at Barracuda Networks.

Peter Graymon Barracuda
Peter Graymon Barracuda

Losing employee information hurts many people.


January 28th was Data Protection Day (Data Protection Day) – a reminder to review your company’s security practices. Data privacy is about deciding who has access to information, and data protection about protecting that information. A data breach affects both.

Loss of personnel records more noticeable than customer data | IT industry
Advertisement

Financial data peaks in the investigation the list of the information that would be most noticeable to lose. Overall, 43 percent of respondents listed it as one of the two biggest data losses.

The loss of personnel records has the second largest impact overall (according to 37 percent of survey participants). The margin to third place with customers' personally identifiable information (36 percent) is small, but is higher for those largest organizations surveyed (40 percent). This may reflect the fact that organizations often have more detailed, sensitive and confidential information about their employees than about their customers. Something that can be misused by attackers for the purpose of, for example, blackmailing or recruiting malicious insiders.

The loss of intellectual property rights has a greater impact on smaller (30 percent) than larger companies (21 percent), possibly because smaller companies rely heavily on IP for competitive advantage.

Four root causes of data breaches


The study shows the root causes of data breaches and reveals how widespread they are digital attack surfaces has become, with many weaknesses that can expose networks and data.

The data breach occurs primarily for four different reasons:

  • An employee or contractor's activity, either through negligence (a root cause in 42 % of the violations) or malicious act (39 %)
  • IT security review – including unpatched vulnerabilities (34 %), errors in the system or operational process (41 %)
  • Third party error (45 %)
  • External hacking – (34 %), phishing (39 %) and viruses or other malicious code (49 %)

Prepare today for an attack tomorrow


If roughly one in two companies experienced a data breach in the past year, it's not far-fetched to assume that all organizations will eventually experience a data breach. If nothing else, you should act as if that were the case.

– Start by doing the groundwork right. This means having a strategy for authentication and access, with multi-factor authentication as standard and ideally moving towards a Zero Trust solution. Your IT infrastructure should have in-depth, AI-driven security technology that covers all parts and inputs that can be attacked, from computers and mobiles to APIs, cloud services and more, continues Peter.

– Ideally, you should also hire security experts and get 24/7 monitoring to be able to respond to, mitigate and neutralize all threats in time. And not least, continuously back up your data. Make sure that all backup data is encrypted. Use the 3:2:1 method – three backup copies, with two different media, one of which is physically stored in a different location, concludes Peter Graymon.

At the same time, no amount of action is enough unless employees are engaged and educated. All employees need to understand why cybersecurity matters, stay up-to-date on the latest threats and scams to watch out for, and know exactly what to do if they spot something suspicious.

The international research report was conducted by the Ponemon Institute on behalf of Barracuda to identify the security challenges and financial consequences of data breaches faced by organizations with between 100 and 5,000 employees. Ponemon surveyed 1,917 IT security practitioners in USA (522), UK (372), France (329), Germany (425) and Australia (269) in September 2023. The full report can be downloaded here: Cybernomics 101

Share
Share
Pin it
Tweet
Share
Share
IT industrybyIT industry
Published

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
Hostinger promotional banner
Advertisement

READ MORE