Cybersecurity crimes and data breaches are on the rise, both in terms of volume and cost. According to the Identity Theft Resource Center’s 2021 Data Breach Report, 1,862 data breaches took place last year, surpassing both 2020’s total of 1,108 and the previous record of 1,506 set in 2017.
In terms of cost per data breach, the number varies by magnitude, but can easily run into the millions. This is especially true when both direct and indirect costs are considered, such as lost productivity, theft of intellectual property, legal fees, reputational harm, costs for forensic investigation, and the expense for restoration and deletion of hacked data and systems.
Oftentimes, small to medium-sized businesses don’t think they are large enough to be targeted by cybercriminals and consequently lack the proper technology and processes to protect their network. But statistics show that all businesses are at risk, with 28 percent of data breaches in 2020 involving small businesses.
When confronted with the daunting task of developing a cybersecurity strategy, it’s common to be unsure where to begin. Using a structured, framework approach will help businesses stay a step ahead in identifying and recovering from security incidents, particularly data breaches, which represent one of the most concerning areas of security risk today.
What Is a Data Breach?
According to The Identity Theft Resource Center, a data breach is “an incident in which an individual’s name, social security number, driver’s license number, medical record, or financial record is potentially put at risk because of exposure.” In short, it’s an incident wherein information is taken or stolen from a system without the authorization of the owner.
Data breaches commonly happen as the result of a cyberattack — when an individual or group gains unauthorized access to an organization’s systems via various means. Some of these tactics include hacking, whereby cybercriminals find and exploit weaknesses in a system, phishing emails, in which bad actors send emails that trick recipients into clicking on links or downloading a file that contains malicious code, or repeated, automated attacks which seek to steal username and password combinations.
Preventing a Breach
Breach prevention in the digital age requires advanced technology solutions such as network firewalls, file and hardware-based encryption, backup, malware protection, vulnerability scanning, and more. It’s also critical to have a proactive approach and employ the most knowledgeable security team available. In addition, basic security policies need to be in place for secure data breach protection.
These include policies on:
- Risk Management identifies and assesses risks, prioritizes them in terms of operational criticality, and defines the level of resources needed for mitigation.
- Asset Classification prioritizes assets to determine appropriate levels of protection considering factors like the asset’s impact on the organization, its reputation and potential business opportunities.
- Information Systems Security defines security controls and execution steps for physical security, access management, network security, and other systems.
- Information Systems Assessment and Authorization outlines the defined security standards for each IT system and clarifies who is responsible for executing those steps. This policy ensures that new and existing systems are properly protected.
Mitigating and Responding to a Data Breach
Companies should do everything in their power to protect customers and shareholders and be transparent about their efforts in order to build trust. Being prepared with a data breach response plan can help mitigate some of the ramifications.
Some steps for planning for and responding to a data breach include:
- Organizing an Expert Response Team. This should include legal, IT, HR, forensics, and other areas needed to manage the aftermath of a breach
- Securing the Physical Area and Systems. Stemming the loss requires securing the physical area as well as systems through such actions as taking equipment offline as needed, updating passwords and access codes and monitoring and freezing systems and physical environment as necessary
- Checking for Exposed Data on compromised websites, etc. and removing it as quickly as possible
- Identifying and Removing Vulnerabilities. This involves verifying which data, applications, and systems were compromised, determining the number of individuals affected, and developing steps for recovery
- Creating a Communications Plan that takes into account all stakeholders. Deliver a clear statement that is open and thorough without divulging information that could add risk.
How LightEdge Can Help
The best way to handle a data breach is to prevent it, but this is not always possible. LightEdge has a full array of technology solutions, policy templates, and staff to help the overwhelmed IT security professional who simply doesn’t have enough resources or time to thoroughly protect against or respond to a data breach. Our highly trained experts can keep your organization ready to respond through our security and compliance services, including risk management, information security, audit preparedness, and support. To learn more about LightEdge’s security solutions, read our white paper “Preventing and Mitigating a Data Breach,” or visit our website for more information.