Subscribe
About

Shoring up defences amid increasing data exposure threats

While vigilance remains everyone’s responsibility, the CSO’s role is continually expanding to incorporate a deeper understanding of the human psyche.
Sandro Bucchianeri
By Sandro Bucchianeri, Absa group chief security officer
Johannesburg, 18 Jun 2021

In December 2013, Manchester United goalkeeper David de Gea famously equalled the Premier League record for saves in a single match (14). He helped Manchester United beat Arsenal 3-1 at the Emirates Stadium in London.

It was an astonishing performance from the Spaniard, as he almost single-handedly kept Arsenal at bay, and the score line could have been very different but for his man-of-the-match display.

This brings to mind the significant challenges that chief security officers (CSOs) worldwide face daily in constant attacks against the foundation stones – the goalposts in an organisation's football terminology.

As our world has become more digitalised, so too has the frequency and intensity of cyber attacks and security breaches, with CSOs directly in the firing line and doing all they can to prevent such, ala De Gea.

The hard truth of the matter, though, is that data breaches and leaks are no longer the exception to the rule but an almost everyday occurrence.

The stats support this growing trend and make for difficult reading for anyone in the cyber security sector. Research published by AtlasVPN revealed that as many as 45% of businesses globally had a data breach in the 12 months between September 2019 and September 2020.

The published figures are based on a survey conducted by Kaspersky and B2B International that involved interviewing 4 179 global businesses with between 50 and 4 999 employees. Companies that took part in the survey came from the financial services, government, manufacturing, IT and telecommunications, and retail and wholesale sectors.

The analysis revealed that, out of the 4 179 businesses, 45% had lost data to hackers over the year. IT and telecoms companies saw breaches most often, with 53% of organisations losing data to security breaches. This is of particular concern because IT and telecoms businesses often hold sensitive customer information.

The retail and wholesale sectors also didn't fare very well, with 52% of businesses having experienced a data breach during the period under review. The consequences of a breach can frequently lead to brand damage and a breakdown in trust across the customer base.

Financial services were third on the list, with exactly half of the respondents reporting their business lost sensitive data to cyber criminals. This is of particular concern given that customer accounts are at stake, and breaches are likely to draw regulators' attention.

Those in the government sector are not immune, as 46% had a data leak in the 12 months. According to AtlasVPN: "Attacks aimed at government are more often than not supported by foreign authorities, whose aim is to obtain political and military information."

Although manufacturing and industrial companies experienced data breaches least often, they still saw a significant amount, at 43%. These breaches are generally because a competitor hires a hacker to steal inside data to destroy competitive advantage.

The hard truth of the matter is that data breaches and leaks are no longer the exception to the rule but an almost everyday occurrence.

Among the notable and high-profile breaches recorded during 2020, Microsoft reported that several servers used to store user analytics had been exposed on the Internet without proper protection. It was further revealed this month that the software giant had been targeted by hackers who homed in on Microsoft's business e-mail software and reportedly compromised the integrity of tens of thousands of accounts.

In early 2020, the Defence Information Systems Agency, which handles IT for the White House, admitted to a data breach possibly affecting employee records; global hotel chain Marriott suffered a cyber attack that affected over five million hotel guests; and Whisper, the anonymous secret-sharing app, saw millions of user-profiles and data exposed.

Other corporates that saw data breaches of one form or another during 2020 included Nintendo, EasyJet and South Africa's Postbank. In November last year, Manchester United said it was investigating a security incident affecting its internal systems.

External threats come in many forms and are directed at both organisations and customers. I've written about this before, and there is no reason for any of us to let our guard down when it comes to external attacks.

But what about internal threats?

Far more discreet but also destructive is the threat that comes from within.

According to ObserveIT's 2020 Cost of Insider Threats study, the latest research available, insider threat incidents increased by a massive 47% globally since 2018. The average annual cost to companies of insider threats has also rocketed, rising 31% to $11.45 million in only two years.

Closer to home, local companies including Absa have experienced insider threat incidents. Last year, we dealt decisively with an employee who shared data unlawfully. The employee was dismissed and faces criminal charges, as has been reported in the media.

Internal monitoring and control systems need to be continuously reviewed and revised, particularly as remote working becomes more mainstream and brings challenges in ensuring adequate security protocols are in place across the business's entire operation.

Vigilance remains everyone’s responsibility – from businesses that keep data, to customers who must monitor their transactions and bank statements closely, and who should never share their PINs and passwords.

The role of CSOs – and indeed, the broader leadership of organisations – is continually expanding to incorporate a deeper understanding of the human psyche and human element. The COVID-19 pandemic has placed intolerable stresses on individuals and households, and this can easily default into erratic, negligent and even criminally deviant behaviour.

Part of businesses' growing responsibilities from a security perspective will be to understand and assess employees and the benefits and risks they pose to the organisation. This is our new normal, and CSOs can begin the step-up security by implementing the following basic rules:

  • Constantly educate and update teams about what constitutes potential threats
  • How to recognise, report and address suspicious behaviour.
  • Purge dormant accounts.
  • Implement robust authentication protocols.
  • Strictly monitor third-party access.
  • Sentiment analysis such as login times and lengths can help early detection of a threat.

Our job is to make it harder for cyber criminals and those with malicious intent to compromise our defences and score goals. We have to be like David De Gea was on that December day in 2013 and stand tall and firm in the face of the barrage of attacks.

Share