Technology, cyber security and business news.

Do you have questions or concerns in the IT Industry? Contact our dedicated team of experts through social media or email for fast and personal assistance. If you are interested in advertising opportunities, please do not hesitate to inform us. We look forward to hearing from you!

Data protection day 2024

Loss of personnel records more noticeable than customer data

Data breaches can happen in any organization. In a new report from the Ponemon Institute conducted on behalf of the security company Barracuda Networks, just under half, 48 percent, of the surveyed organizations in five countries around the world state that they have experienced a data breach in the past year. According to the survey, it is a loss of financial information that is most felt. In second place comes the loss of personnel records. Only in third place comes lost customer data.

- Effective cyber security needs support from senior executives. If the consequences of a data breach are known, security is prioritized higher. The research also shows that not all data loss carries the same business risk. It enables companies to focus the security resources they have on their specific risk areas, comments Peter Graymon Barracuda Networks.

Peter Graymon Barracuda
Peter Graymon (formerly Gustafsson), Regional Sales Director Nordics

Losing information about employees stings hard for many

January 28 was Data Protection Day – a reminder to review the company's security procedures. Data privacy is about deciding who should have access to information, and data protection about protecting that information. A data breach affects both.

In the survey, financial data tops the list of information that would be most likely to be lost. Overall, 43 percent of respondents cited it as one of the top two data losses.

The loss of personnel records has the second largest impact overall (according to 37 percent of survey participants). The margin for third place with customers' personally identifiable information (36 percent) is small, but is higher for the largest organizations surveyed (40 percent). It may reflect that organizations often have more and more detailed, sensitive and confidential information about their employees than about their customers. Something that can be misused by attackers with the aim of, for example, blackmailing or recruiting malicious insiders.

The loss of intellectual property rights has a greater impact on smaller (30 percent) than larger companies (21 percent), possibly because smaller companies rely heavily on IP for competitive advantage.

Four root causes of data breaches

The survey shows the root causes of data breaches and reveals how widespread they are the digital attack surfaces has become, with many weaknesses that can expose networks and data.

The data breach occurs primarily for four different reasons:

  • An employee or contractor's activity, either through negligence (a root cause in 42 % of the violations) or malicious act (39 %)
  • IT security review - including unpatched vulnerabilities (34 %), errors in the system or operational process (41 %)
  • Mistakes by third parties (45 %)
  • External hacking – (34 %), phishing (39 %) and viruses or other malicious code (49 %)

Prepare today for an attack tomorrow

If approximately one in two companies suffered a data breach in the past year, it is not far-fetched to assume that all organizations will eventually experience a data breach. If nothing else, one should act as if it were the case.

- Start by doing the ground work right. This means having a strategy for authentication and access, with multi-factor authentication as standard and preferably moving towards a Zero Trust solution. Your IT infrastructure should have a deep, AI-powered security technology that covers all parts and inputs that can be attacked, from computers and mobiles to APIs, cloud services and more, Peter continues.

- Ideally, you should also hire security experts and receive round-the-clock monitoring in order to be able to respond, mitigate and neutralize all threats in time. And not least, continuously back up your data. Make sure all backup data is encrypted. Use the 3:2:1 method – three backup copies, with two different media, one of which is physically stored in a different location, concludes Peter Graymon.

At the same time, no measures are sufficient if the employees are not committed and trained. All employees need to understand why cyber security matters, stay on top of the latest threats and scams to watch out for. And know exactly what to do if they spot something suspicious.

The international research report was conducted by the Ponemon Institute on behalf of Barracuda. The aim was to find out the security challenges and financial consequences of data breaches that organizations with between 100 and 5,000 employees face. Ponemon surveyed 1,917 IT security practitioners in the US (522), UK (372), France (329), Germany (425) and Australia (269) in September 2023. The full report can be downloaded here: Cybernomics 101

Share this article
Shareable URL
Prev Post

Samsung launches SSD 990 EVO: Boosts performance for games, work and creative workflows

Next Post

Staffan Strand becomes the new division manager at Nexer

Read next