Every piece of information has value for somebody. Credit card data, personal data, business information, legal documents…
Cybercriminals still compose complicated attacks today but there is one thing in common in all of them: they all do intelligence gathering which includes not only the technological circumstances but the organization too. To succeed they have to ‘get behind the fence’, behind the firewalls to be able to deploy the malicious code. Access rights to corporate databases and digital information are dynamically changing daily and criminals are proactively looking for those employees who have the most access rights in place.
With a secure and reliable data breach prediction system, companies could regularly audit the access rights of all employees and strictly revoke all unnecessary rights, so even if a malicious insider wants to cause damage, the person is limited and cannot ‘shut the lights down’ entirely.
There are many types of external and internal threats but with decades of experience behind us in cybersecurity, it is now possible to predict all future breaches a company is likely to face in the coming year, either coming from outsiders or from someone within.
Predict to prevent
When an organization handles data, it should also take security measures to prevent potential data breaches. These kinds of preventive measures are not a response to an external threat, but a set of internal risk assessments and security protocols that can protect against both external and internal attacks. Of course, breaches can happen for various reasons, intentionally or unintentionally, committed by internal personnel or by an external person.
For example, in 2018 Facebook had to fire a security engineer who took advantage of his position to access information about women he later used to stalk online. Or, in 2020, a repository hosted on GitHub with data containing personal identity documents and system credentials including passwords, AWS key pairs, and private keys were accidentally exposed by an Amazon Web Services engineer.
With the help of breach prediction, all companies should continuously analyze every employee in the digital environment and pinpoint workers whose access rights mean the biggest risk – in case their credentials are stolen, lost, or sold to criminals. If a breach is found, TheFence for example can automatically revoke the most unnecessary or excessive rights risks, so companies do not have to get lost in manual remediation.
The perfect system can predict where a data breach is likely to occur within a company. Pervasive risk analysis and monitoring must be an integral part of the preventive methodology.
If you handle data, you are a bank. A data bank.
The famous saying that ‘if you don’t pay for a product, you are the product’, is even more true in today’s digital space. If you are the product, then your behavior and the data it generates will be the value that can later be turned into revenue. Look at it from a business perspective: a very significant part of the revenue of a company comes from converting customer data into some other currency through a series of processes.
The black market has a price for this data (for example credit card data can be bought for $5-$150).
But you don’t have to go very far, a simple advertising campaign is also trading data, so any organization that is in some way handling and processing data is essentially behaving like a data bank where the currency is data itself. The user puts their assets into the ‘vault’, however secure it may be, and trusts the company will do its best to protect them. However, many organizations do not operate with the same security protocols as a bank, even though the assets under management are often much larger.
Data breaches are like breaking into and robbing a bank, only in this case, once you lose the users’ data, you can’t print new ones. There is no insurance to compensate you or your clients. You must replace the data, but you cannot replace someone’s date of birth.
A data breach prediction system like TheFence is the first step in your successful cyber protection. It is capable of real-time risk analysis, and it can help us identify internal vulnerabilities. It’s very important to prevent insider threats and potential security risks before they become critical issues.
The gap in the shield
When you visit your bank you are allowed to manage your financial assets only after extensive documentation and identification but there may be some things you don’t see. Because you can’t see.
For example, you don’t see that the customer service representative has post-it notes hidden under his keyboard. You don’t know that their new colleague, who has been on on-the-job training for a week, has already been given full access to live customer databases. You don’t know that most of the WhatsApp phone numbers of bank employees have recently been leaked and are already being used by several shady darknet customers. Still, being unaware of these risk factors, your confidence is not shaken.
If you’re reading these lines as a customer, you’re actually in a good position: at the very least, multi-factor protection ensures that nobody can access your data. But if you are a business owner or an IT security manager, reading the above may have left you with questions and doubts about what gaps are still in your corporate cyber defense shield.
In the contemporary cybersecurity environment, there is simply no alternative. Without advanced automation and cyber resilience, you are taking on undisclosed risks to your company’s business data management every second. And if data is being managed, the reality is that your company is also a data bank. But the analogy is incomplete: you have no deposit insurance behind you, and the trust of your customer base is far from unshakeable. The contents of a hacked safe can be largely replaced, but a customer’s data? Not so much.
Better safe than sorry
Having antivirus and firewall was enough 20 years ago, but not anymore. Establishing a robust business continuity plan, creating regular back-ups, and testing the backups and the recovery process can ensure your company doesn’t have to be afraid of ransomware or a sabotage-like attack. A company that handles data must maximize its security measures, otherwise, after one breach, its customers’ trust is gone and PR can start its windmill fight amid GDPR penalties, not to mention the financial damage.
So, the focus should be on a preventative cyber defense posture, a series of up-to-date security protocols, and internal risk assessments. This is where our TheFence platform fits in, fending off both external and internal attack vectors. It is not a vulnerable target: it operates in isolation, with no access to customer data.
The regular and automated examinations – run by TheFence – to eliminate errors and accidents are indispensable. When we run PoCs with potential customers we almost always find critical examples of breach sources such as employees who left the company years ago and still have active access to company assets, just like at Coca-Cola in 2018, where 8,000 individuals were exposed by a former engineer who took computer files with him when he changed jobs.
The numbers speak for themselves: Cybercriminals could penetrate 93% of company networks and cybercrime cost U.S. businesses more than $6.9 billion in 2021. It is not surprising that digital data ownership is regulated very precisely by many security standards. Not to mention manual investigation, which is focusing on discovering the employees’ access rights status. There is also a new report by Gartner that predicts that by 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020. This means that a secure and trustworthy data breach prediction system is essential for a company’s survival.