September 13, 2016 By Walid Rjaibi 3 min read

Organizations across the globe uncover new and better ways to leverage their customer data every day. But as these digital assets become more valuable to their corporate owners, they also become more appealing to cybercriminals.

Cybercrime, and particularly data theft, has evolved into an exceptionally lucrative offense in recent years. As a result, it’s attracting a broader variety of perpetrators.

Today, your organization’s database is more likely to be breached by someone you know — an employee, third-party contractor or partner — than a faceless fraudster from overseas. In fact, 60 percent of attacks are caused by insider threats, according to the “IBM 2016 Cyber Security Intelligence Index,” and the number of internal records leaked across the world has reached approximately 1 billion.

The stakes are high, and there’s more on the table than just bottom-line losses from financial crime. When critical information goes missing, organizations face increased scrutiny of their compliance activities, the possibility of regulatory penalties and, in this age of viral news, fast-spreading reputational and brand damage.

Furthermore, it takes security teams an average of 201 days to identify a data breach, suggesting that extensive damage can be done before responsive steps can even begin.

The Nature of the Beast

Why is this happening? Consider the complexity of the information environment as a whole: Given the accelerating growth of data within today’s organizational environments, the complexity of regulations and compliance requirements, and the ever-present threat of internal and external attacks, organizations face an enormous challenge before they ever purchase a server or install a system.

Even once you’ve installed information and security systems, there’s still often a problem embedded in your infrastructure. In this case, the beast whose very nature may be compromising your data is the database itself.

Database servers contain your most valuable information, such as financial, credit card, patient and other records. Not only do they contain large amounts of critical data, but they are also intentionally constructed to be easily searched and queried in multiple ways. Individuals within your company have numerous entry points to information and many ways to bypass traditional safeguards, including simply extracting it from servers that have been stolen or are no longer in use.

Intentional and Unintentional Threats

The nature of the database enables two key internal threat types: intentional threats, which are created by individuals with specific criminal or otherwise malicious intent; and unintentional threats, which are typically the result of human error. It’s kind of like someone stealing your chained-up bike versus you forgetting to lock it.

Intentional threats generally refer to employees with direct data access or specific privileges, such as the database administrator, system administrator or application administrator, downloading or tampering with data. These tend to be particularly insidious because they are so hard to defend against. Although red flags do exist — such as employees in financial trouble, those who are disgruntled or even those who work in environments with low morale — most organizations lack formal processes for identifying these markers in advance.

Unintentional threats occur when no one is necessarily actively trying to steal data, but the information is left unprotected without anyone knowing it. This can result from database misconfiguration, unauthorized user ID sharing, data exposure during testing and disposing of storage devices without properly cleaning them.

The Full Data Picture

Security teams are further challenged by a general lack of visibility into the full data picture and a poor corporate understanding as to what data is actually at risk. Organizations often lack the ability to identify critical data embedded at various points within their systems and servers.

On top of that, organizations may not know where to look in the first place, how to determine which systems and servers are actually at risk, or how to prioritize them. If you don’t know where critical data lies, how can you protect it?

Defending Your Database

Today’s organizations must have data protection solutions capable of keeping critical data safe from internal threats. These solutions must stop criminals from actively stealing information and also prevent accidental leaks caused by unintended weaknesses in database structure, management or controls.

More from Data Protection

Why safeguarding sensitive data is so crucial

4 min read - A data breach at virtual medical provider Confidant Health lays bare the vast difference between personally identifiable information (PII) on the one hand and sensitive data on the other.The story began when security researcher Jeremiah Fowler discovered an unsecured database containing 5.3 terabytes of exposed data linked to Confidant Health. The company provides addiction recovery help and mental health treatment in Connecticut, Florida, Texas and other states.The breach, first reported by WIRED, involved PII, such as patient names and addresses,…

Addressing growing concerns about cybersecurity in manufacturing

4 min read - Manufacturing has become increasingly reliant on modern technology, including industrial control systems (ICS), Internet of Things (IoT) devices and operational technology (OT). While these innovations boost productivity and streamline operations, they’ve vastly expanded the cyberattack surface.According to the 2024 IBM Cost of a Data Breach report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the sector compared to 2023.Apparently, the data being stored in industrial control systems is…

3 proven use cases for AI in preventative cybersecurity

3 min read - IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million.Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance.Here are three ways how AI is helping to make that possible:1. Attack surface management: Proactive defense with AIIncreased complexity and interconnectedness are a growing headache for security teams, and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today