Every day more than 6 million data records are compromised, with no organisation or sector immune. Organisations are facing a data breach war so it’s imperative that ‘know your enemy’ becomes part of their battle tactics.
Data breaches come in various forms and sizes – not all incidents are caused by sophisticated cyber attacks. To help you understand what your organisation is facing, here’s a breakdown of some of the most common breach types.
- Employee negligence/error
Something as simple as including the wrong person in the Cc field of an email or attaching the wrong document to an email could cause a data breach. We’re all guilty of making mistakes – it’s human nature – but employees need to understand the most important elements of information security, and all staff, technical or not, need to be made familiar with security awareness policies and procedures.
- Cyber attack/criminal hacker
The ways in which cyber criminals try to gain access to your systems are becoming more sophisticated. Often it isn’t always obvious that an attack has taken place until significant damage has been done. Cyber attacks can come in various forms, including denial of service, malware and password attacks.
- Unauthorised access
Access controls are designed to stop certain information from being seen by the wrong people. A breach of these controls means that someone has gained unauthorised access to sensitive data, such as bank details stored by HR, or potentially compromised business critical information.
- Physical theft/exposure
Although there is a lot of emphasis on the digital aspects of a data breach, physical exposure or theft of data is an equally important threat that organisations must consider in their security plans. This type of data breach can be caused by improper disposal of sensitive information, or simply leaving a confidential document in plain sight.
Ransomware is a type of malicious program that demands payment after launching a cyber attack on a computer system. If the organisation fails to comply with the extortion, the program threatens to destroy its essential data although there’s no guarantee that it will regain access to its data even after paying up.
- Insider threat
Your employees know how your organisation operates, how vital information can be accessed and the measures in place to protect it, which is why you should put in place appropriate training and security protocols.
Emails are a common part of our daily lives, making them a popular attack vector for cyber criminals. Crooks might adopt the seemingly legitimate credentials of such organisations as insurers, banks, etc. to gain access to your personal information by encouraging you to click an unsafe link or download a malicious attachment.
Are you prepared for a data breach?
The data breach war is a reality for all organisations, and the list above highlights just a few of the threats that you need to prepare for. Moving forward, your organisation must continually assess, update and improve its defence measures. That journey will be a long one; Vigilant Software can help you start, maintain and upgrade your cyber security and privacy management measures.
Become and stay secure
Our portfolio of products are all Cloud-based; as such, they are easy to integrate and are designed to support your organisation’s ability to become and remain secure. They also help your organisation meet relevant laws and regulations. Our tools – vsRisk Cloud, the Data Flow Mapping Tool, the DPIA Tool and Compliance Manager – help you to identify your legal requirements, understand the data you process and conduct information security risk assessments in line with international best practice.
Find out more
To learn more about our range of tools and protecting your organisation from a data breach, watch our short introductory videos: vsRisk Cloud, the Data Flow Mapping Tool, the DPIA Tool and Compliance Manager.
To request a demonstration of any of our tools, please click here.