January 28, 2016 By Anshul Garg 3 min read

Not long ago, the borders of your data environment were relatively well-defined. But now, everything has changed. As the cloud, mobile devices and social media give us new ways to communicate and conduct business, they also open up new avenues for attacks — tempting the bad guys to steal your data.

Hardly a week goes by without headlines about a major data breach. In the last year alone, we have seen many company records stolen, resulting in loss of sensitive data, compromised brand reputation and huge costs incurred. According to the “2015 Cost of Data Breach Study,” the total cost of data breaches is rising globally. A single data breach, on average, costs $3.8 million, an increase of 23 percent since 2013.

2015: The Year of the Data Breach

Many have dubbed 2015 the year of data breaches. Some breaches gained more attention than the others, but all were impactful.

  • Office of Personnel Management (OPM): Personnel records of 22 million current and former federal employees were compromised in a breach of the OPM. The breach went undetected for about a year — 343 days, according to Network World.
  • Ashley Madison: Data records of 37 million customers were compromised. The breach was discovered in July 2015, but when cybercriminals got in is undisclosed.
  • Premera: The personal information of 11 million people was compromised, according to CNN. The attack went undetected for nine months and was one of the first hacks discovered in 2015.

Are there lessons that could be taken from these attacks? Yes. Ask yourself these questions: How are you protecting personally identifiable information (PII)? How do you handle a data security alert? Is your security team too occupied with its day-to-day operations? How do you gather security intelligence?

The Problem: People, Processes and Technology

Today’s organizations need to be open for business while protecting their most critical data from unauthorized access. But the compliance-driven practices of the past can leave you exposed to attack. Instead, you need to address the enterprise’s people, processes and technology — the three legs of a data security tripod — to reduce the growing threat of data breaches.

  • People: Do you have the right talent to manage your data security program? How do you ensure that all bases are covered around the clock?
  • Processes: Do you have an end-to-end, defined process for data protection with the right stakeholder involvement?
  • Technology: Do you leverage the full features and functionalities of your data security solution? How do you gain security intelligence?

Often, the data security posture focuses more on technology and less on the other two aspects — people and the processes. Well, can you get a perfect shot with a tilted tripod? No.

How Can the Problem Be Solved?

Data protection is about more than finding a silver-bullet solution. Technology needs to be supported by the right security controls and processes — an end-to-end approach for safeguarding the entire organization, including your users, data, applications and infrastructure. All of this needs to be carefully monitored and managed by a skilled set of people.

In rare cases, you can find the answers internally. More often than not, however, you need to look for external help. It goes without saying that if you look for an external partner, the partner should have a proven ability to execute.

Look to balance your data security tripod, with internal or external help, to get that perfect shot (e.g., reduce the likelihood of a data breach). Technology alone is not the solution to the problem.

You need the right people to analyze the data as well as a process that defines how alerts should be handled. That’s how you can protect your data in this era of data breaches.

Watch the webinar: Is Your Security Staff Addressing the Top 3 Data Protection Challenges?

More from Data Protection

How to craft a comprehensive data cleanliness policy

3 min read - Practicing good data hygiene is critical for today’s businesses. With everything from operational efficiency to cybersecurity readiness relying on the integrity of stored data, having confidence in your organization’s data cleanliness policy is essential.But what does this involve, and how can you ensure your data cleanliness policy checks the right boxes? Luckily, there are practical steps you can follow to ensure data accuracy while mitigating the security and compliance risks that come with poor data hygiene.Understanding the 6 dimensions of…

Third-party access: The overlooked risk to your data protection plan

3 min read - A recent IBM Cost of a Data Breach report reveals a startling statistic: Only 42% of companies discover breaches through their own security teams. This highlights a significant blind spot, especially when it comes to external partners and vendors. The financial stakes are steep. On average, a data breach affecting multiple environments costs a whopping $4.88 million. A major breach at a telecommunications provider in January 2023 served as a stark reminder of the risks associated with third-party relationships. In…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today