September 13, 2016 By Walid Rjaibi 3 min read

Organizations across the globe uncover new and better ways to leverage their customer data every day. But as these digital assets become more valuable to their corporate owners, they also become more appealing to cybercriminals.

Cybercrime, and particularly data theft, has evolved into an exceptionally lucrative offense in recent years. As a result, it’s attracting a broader variety of perpetrators.

Today, your organization’s database is more likely to be breached by someone you know — an employee, third-party contractor or partner — than a faceless fraudster from overseas. In fact, 60 percent of attacks are caused by insider threats, according to the “IBM 2016 Cyber Security Intelligence Index,” and the number of internal records leaked across the world has reached approximately 1 billion.

The stakes are high, and there’s more on the table than just bottom-line losses from financial crime. When critical information goes missing, organizations face increased scrutiny of their compliance activities, the possibility of regulatory penalties and, in this age of viral news, fast-spreading reputational and brand damage.

Furthermore, it takes security teams an average of 201 days to identify a data breach, suggesting that extensive damage can be done before responsive steps can even begin.

The Nature of the Beast

Why is this happening? Consider the complexity of the information environment as a whole: Given the accelerating growth of data within today’s organizational environments, the complexity of regulations and compliance requirements, and the ever-present threat of internal and external attacks, organizations face an enormous challenge before they ever purchase a server or install a system.

Even once you’ve installed information and security systems, there’s still often a problem embedded in your infrastructure. In this case, the beast whose very nature may be compromising your data is the database itself.

Database servers contain your most valuable information, such as financial, credit card, patient and other records. Not only do they contain large amounts of critical data, but they are also intentionally constructed to be easily searched and queried in multiple ways. Individuals within your company have numerous entry points to information and many ways to bypass traditional safeguards, including simply extracting it from servers that have been stolen or are no longer in use.

Intentional and Unintentional Threats

The nature of the database enables two key internal threat types: intentional threats, which are created by individuals with specific criminal or otherwise malicious intent; and unintentional threats, which are typically the result of human error. It’s kind of like someone stealing your chained-up bike versus you forgetting to lock it.

Intentional threats generally refer to employees with direct data access or specific privileges, such as the database administrator, system administrator or application administrator, downloading or tampering with data. These tend to be particularly insidious because they are so hard to defend against. Although red flags do exist — such as employees in financial trouble, those who are disgruntled or even those who work in environments with low morale — most organizations lack formal processes for identifying these markers in advance.

Unintentional threats occur when no one is necessarily actively trying to steal data, but the information is left unprotected without anyone knowing it. This can result from database misconfiguration, unauthorized user ID sharing, data exposure during testing and disposing of storage devices without properly cleaning them.

The Full Data Picture

Security teams are further challenged by a general lack of visibility into the full data picture and a poor corporate understanding as to what data is actually at risk. Organizations often lack the ability to identify critical data embedded at various points within their systems and servers.

On top of that, organizations may not know where to look in the first place, how to determine which systems and servers are actually at risk, or how to prioritize them. If you don’t know where critical data lies, how can you protect it?

Defending Your Database

Today’s organizations must have data protection solutions capable of keeping critical data safe from internal threats. These solutions must stop criminals from actively stealing information and also prevent accidental leaks caused by unintended weaknesses in database structure, management or controls.

More from Data Protection

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today