Business organizations got increasingly reliant on digital data, cloud computing, and workforce mobility. Simultaneously, the rise in data breaches became infamous too. The sensitive official data are stored in local machines and on cloud servers. The data breach, irrespective of simple or complex, gained access to the restricted networks.
If we delve deep into the origin history of data breaches, we can see that it all started when organizations thought of storing their important data digitally. In fact, it existed while individuals and organizations started to maintain records of confidential information. Before the abundance of computing, data breach was almost like breaching individual’s private and sensitive documents that were not disposed of. Still, the frequency of publicly exposed data breaches increased along with public awareness of the potential and rising breaches.
How does breach happen?
Data is breached once a cyber-criminal infiltrates a data source successfully and extracts confidential information. It can normally be done physically by accessing any system or network to steal data directly or remotely. The latter method is mainly used to target companies. There are certain steps which are normally followed prior to any breach incident:
1. Research – The cyber-crooks do extensive research in searching for vulnerabilities in the security of company people, systems or network.
2. Attack – The criminals make initial contact through network either officially or socially.
3. Network attack – This happens when a cyber-criminal takes the help of infrastructure, system or application vulnerabilities to penetrate the enterprise network. It is done by baiting employees into providing access to the company network by giving his/ her log-in credentials. Alternatively, he/ she might be fooled into opening a spam.
4. Exfiltration – Once the criminal gains the access, he/ she can compromise the network and take hostage of the confidential data. Hence, the attack becomes successful.
What is the data breach status in 2017 around the world and in India?
According to a research by The Economic Times, Indian companies might suffer Rs.11 crore losses due to data breaches in 2017, which is 12.3% more comparing to 2016. On the other hand, the average cost of the global data breach is expected to minimize by 10% in 2017.
Another research done by Ponemon Institute has found that the average cost of the data breach has increased from Rs. 3,704 in 2016 to Rs. 4,210 in 2017. In addition, 41% of Indian companies admitted that they experienced data breach scenarios in the recent past. Among them, 33% was due to system glitches, while 26% was because of employee/ contractor negligence.
What is the recent data breach in India and how many data were breached?
According to a study by a digital security firm Gemalto, 203.7 million data records were compromised in 18 data breaches in India till June 2017. Among them, the breach reported by food-tech company Zomato on May 2017 resulted in a theft of 17 million email addresses and ‘hashed’ passwords which are considered to be the worst in 2017 till date. However, Zomato CTO Mr. Gunjan Patidar announced on the company’s blog that no payment related data were affected.
How is this impacting the nation’s growth?
The data breach can have a serious and immediate impact on organizations’ ability to maintain business continuity effectively and best serve to its customers. There is a direct correlation between data breaches and customer loyalty.
Wastage of Money
The primary impact of any breach is the economic losses an organization normally incurs. Once the confidential data is leaked, companies spend heavily on investigations of the breach and incorporating stricter security protocols. In addition, lawyer fees, the filing of lawsuits and payment of fines to data protection authorities are also added up.
Disruption of Operations
Any hacking incident primarily involves stealing of proprietary and confidential information like research, business strategies, and financial reports. Compromised data and intellectual property force the organization to lag behind in competition and thereby affect business continuity.
Loss of loyalty
Customer/ client relationship is built on loyalty and breaches can lead to loss of reputation. Any hacking incident can damage the reputation of a company and shake the faith that its customers place in it. A recent study conducted by Gemalto has shown the direct relationship between data breach in an organization and its share price in stock market valuations.
Lesson learnt
It is highly important for companies today to be proactive in putting robust security systems in place to protect the company against possible threats. There are options available that can equip the organization with the core concepts of network security. According to the challenges faced by the company, the security measures are incorporated to get the maximum result.
Extra-precaution during Holidays
The holiday season signifies bright opportunity for the cyber crooks to reap maximum financial benefits. Organizations from the financial sector are always concerned about gift card frauds and experience more instances of identity theft. Almost 59% users are of the opinion that identity threats rise during the holiday season. With consumer trust declining gradually, it is the responsibility of the organizations to show them that they are actively protecting their data to diminish any concern.
How can we tackle the data breach?
Today business enterprises are depending on below steps to tackle data breach/ theft issues.
Invest in IT Security
The latest security technologies help prevent possible breaches by detecting network intrusions before criminals could access the confidential data. Identification of organizations’ vulnerabilities and building up tactics to avoid them is the first step. Several companies prefer to appoint specialized security firms for this and put the enterprise network under continuous observation.
Train employees
Occasionally, employees download malicious attachments unknowingly, install unauthorized software casually, select weak passwords for one or multiple accounts, transfer official files to their home PCs. These result in data breaches and help the cybercriminals’ bank on the vulnerabilities to strike on the unlawful activities. It is very crucial to educate the employees on best online security practices. It is wise for the entire organization to undergo basic training and protect the digital assets successfully.
Encrypt official data
It has been seen that almost 60% companies who suffered data theft did not encrypt their data. It is the most important step to prevent possible breaches and loss of official data.
Conclusion
In a nutshell, organizations should have an official contract that can protect them from any liability in case of the data breach. Today technology has brought the world together and at the same time, cyber-attacks are also intensifying in every sphere. However, organizations are out of alternatives but to constantly update themselves with the knowledge of current and evolving cyber threats and take adequate precautionary measures.
Read more – eScan Blog
