November 19, 2024 By Jennifer Gregory 4 min read

Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.

When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email, file sharing, managed transfer and secure file transfer. But there are many other communication tools, including SMS text, video conferencing and even web forms. Kiteworks’ research found that more is not necessarily better when it comes to security and communications tools.

The survey found that companies with more than seven different communication tools were at a significantly higher risk of data breach — 3.55x higher than the average. Only 9% of organizations overall reported more than 10 data breaches, but 32% of companies with more than seven communications tools experienced this high number of breaches. More communication tools also translate into higher data breach litigation costs, with organizations with more than seven tools reporting paying 3.25 times more in data breach litigation costs.

Impacts of a data breach

Companies with a high number of data breaches typically see numerous negative impacts on their organization, including lost customers, reputation damage and operational downtime. Many organizations also must hire additional staff after the breach, such as customer service help desks and credit monitoring services. Companies in regulated industries may also face fines related to the breach.

The 2024 Cost of a Data Breach Report found that the average cost of a data breach jumped to $4.88 million from $4.45 million in 2023, a 10% spike and the highest increase since the pandemic. While the study showed key improvements related to breaches, especially in terms of identifying and containing breaches more quickly, the increased cost of a breach is due to rising business costs.

Read the Cost of a Data Breach Report

Why an increase in communication tools increases risk

With communication and data transfer now central to all industries and most processes, both internal and external, reducing risk starts with understanding why each new tool increases the odds of a breach.

Here are key reasons for the correlation between the number of tools and the risk of a data breach:

Increased attack area

Each time a new tool is added to a process, the organization adds a new entry point for an attack every time a user accesses that tool. For example, the marketing department has begun using a different video conferencing tool than the rest of the company. Threat actors can now target users of the tool and recordings of the meetings stored in the cloud. Additionally, the information sent through the tool, such as chat comments and files shared, adds more opportunities for a data breach.

More opportunities for exchanging sensitive data

Kiteworks found that tracking sensitive data creates a big issue, with two-thirds of respondents sending sensitive data to more than 1,000 different third parties. Additionally, employees often let their guard down when using casual communication tools such as messenger and email, which creates instances of sharing sensitive data and increasing data breach risks.

More resources are required to govern and monitor

Because communication tools provide many opportunities for cybersecurity risks, the use of each tool must be carefully monitored with documented processes. This requires more resources, especially in terms of monitoring use for cybersecurity issues or improper use. With more tools to monitor, it’s easier to accidentally overlook a warning signal of a breach.

Increased risk of human error

Communication tools provide many different ways for employees to make mistakes that lead to a breach, such as falling for a social engineering scheme or using an insecure connection to send data. Employees are also more likely to make more compliance errors with more tools since the process may vary per tool, making it easier to overlook a step.

Reducing risk from communication tools

Reducing breaches often feels like an overwhelming task. By starting with communication tools, organizations can take proactive steps toward reducing their risk.

Take stock of tools in use

Many companies have no idea exactly how many tools they are using. By working with all employees and departments, organizations should create a catalog of all tools currently in use.

Eliminate multiple tools used for the same purpose

If your business finds that four different project management tools are used throughout the organization, you need to determine which tool is the best fit for the organization. By helping teams transition to the approved tools, you can reduce your risk of a breach.

Provide employees with the tools that they need

Many employees begin using approved tools because the tools that the company issues do not work for their tasks. For example, many companies instruct employees to use file-sharing tools that have file size limits. If an employee must transfer a file that is too big for that tool, then the only way that they can do their job is by using another approved tool. Many organizations find that their high number of tools used is due to employees improvising to get things done. By ensuring that your employees have tools that accomplish their required tasks, you can often quickly reduce the number of tools used in your organization.

Use tools that perform multiple tasks

The number of communication tools often quickly grows when an organization has a separate tool for each different type of communication task. By using platforms that perform multiple functions, such as file sharing, video conferencing and messaging, organizations can significantly decrease the number of communication tools.

It’s very easy to look up and realize that your company is using many different tools. By making a concerted effort to understand the tools needed and provide the right tools, your organization can reduce your risk of a breach.

More from Data Protection

Third-party access: The overlooked risk to your data protection plan

3 min read - A recent IBM Cost of a Data Breach report reveals a startling statistic: Only 42% of companies discover breaches through their own security teams. This highlights a significant blind spot, especially when it comes to external partners and vendors. The financial stakes are steep. On average, a data breach affecting multiple environments costs a whopping $4.88 million. A major breach at a telecommunications provider in January 2023 served as a stark reminder of the risks associated with third-party relationships. In…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today