Almost every other week, there’s a story about some high-profile organization experiencing a data leak. In the U.S. alone, there were about 1,802 publicly reported incidents that resulted in 4.2 billion private records being leaked online. This is only the tip of the iceberg, since plenty of organizations that suffer leaks won’t usually report it to authorities or make headlines.
WHAT IS A DATA LEAK?
A data leak occurs when sensitive or confidential data is intentionally or unintentionally disclosed to an unauthorized third party. Data leaks usually involve exposure of sensitive files and information, such as customer data, contact information, health care data, financial information, social security numbers, credit card information, etc.
HOW DO DATA LEAKS HAPPEN?
Data leaks happen due to a number of reasons. They can be a result of a successful cyberattack or poor security practices by the victim organization. They can be due to human error (accidentally uploading or emailing data to an unintended recipient), malicious insiders (a disgruntled employee or a rogue insider), or employee negligence (lack of security knowledge, judgment, poor security practices, or a misconfiguration of a system). Data leaks can also happen via a third party (a supplier, vulnerable software) as well as lost or misplaced devices.
WHY DO THREAT ACTORS LEAK DATA?
Threat actors leak data for a number of reasons. To hold businesses hostage, attackers will threaten to disclose sensitive information unless a ransom is paid. This extortion is the major reason why data ransomware attacks are so successful. To carry out further attacks and compromises, if bad actors gain access to sensitive data, such as credentials, they can leverage that to infiltrate other systems and even third-party partner organizations. Depending on the type of data and how sensitive it is, attackers can monetize stolen data on underground marketplaces found on the dark web. To defame and derail businesses, some cybercriminals operate at the behest of competitors or rogue nations.
WHAT IS THE IMPACT OF DATA LEAKS ON BUSINESS?
Data leaks don't just result in loss of data; there are a number of different ways in which they can cause harm to organizations, including:
- Loss of revenue — if a leak results in exposure of sensitive customer information, those customers may walk.
- Loss of reputation — leaks can result in customers losing trust, affecting the band and business valuation.
- Legal implications — affected parties can file a lawsuit and this can trigger an investigation.
- Compliance failures — failure to comply with data privacy regulations, like GDPR and CCPA, can result in severe fines and penalties.
- Disruption of business activities — a major data leak can disrupt or interfere with routine business activities.
HOW CAN ORGANIZATIONS PREVENT DATA LEAKS?
Mitigation strategies are abundant, but processes can grow in complexity, so it’s wise to partner with cybersecurity services. Cited below is a partial list of some best practices organizations can follow to reduce the risk of data leaks.
Train employees well
Most breaches are a result of human error. Organizations must educate employees on the perils of data leaks and best practices when it comes to storing, protecting, transmitting, or sharing sensitive data. Regular security awareness training helps employees be more alert, responsible, and accountable for data security and helps develop security behaviors, such as higher sensitivity to phishing attempts, safe browsing, social media etiquette, use of password managers, etc., helping to lower the risk of accidental data leaks.
Clamp down on third-party risks
Uber, Samsung, Toyota, and others have suffered breaches due to vulnerabilities in third-party suppliers. Be sure to conduct thorough due diligence on critical suppliers and ensure they deploy best-in-class security standards and processes. Third-party risks also originate from APIs, applications, and software. Remember to maintain a software bill of materials (SBOM) so that businesses can track and monitor security risks of various components.
Tighten employee access and privileges
Avoid giving employees blanket access to all data. Limit use of administrator privileges and enable access to only those employees that require it. Restrict data downloads. Create a “zero trust” environment so that only authenticated and authorized users have access to critical systems. Mandate use of multi-factor authentication to reduce risk of identity theft.
Monitor data closely
Review and classify your data regularly. Focus on sensitive data and use data leakage prevention tools to monitor and control movement of data. Deploy encryption so that sensitive data can be encrypted and secured while at rest, in transit, or in motion. Use data discovery tools to carry out content analysis, tracking movement of sensitive content across the network. Use mobile device management tools with the ability to remotely wipe devices that have been lost or stolen.
Plug loopholes proactively
Scan your IT environment regularly for bugs and vulnerabilities. Patch systems regularly to plug loopholes and vulnerabilities. Configure firewalls, clouds, and other security systems so that attackers cannot take advantage of misconfigurations and open ports. If needed, leverage a third-party provider to test your security defenses by carrying out quarterly penetration tests.
Fixing leaks proactively will help avoid costly repairs down the road — the average cost of a data breach is currently $4.24 million. Lost data can probably be recovered in due time, but once trust or reputation is lost, it can be difficult to earn it back.