
As far as data security goes, most organizations are in a one step forward, two steps back situation. With more data breaches reported in 2022 than in 2021, it is clear that organizations across verticals have not learned from the events of previous years. To make matters worse, the amount of money paid out by victims of malware and ransomware attacks has increased radically, according to recent findings of the Identity Theft Research Center. Most IT administrators need to go back to the drawing board to assure cybersecurity.
Watch Out for the Enemy Within
Insider threats have wreaked the greatest havoc in recent months. Take the example of Cash App Investing LLC, where a former employee whose credentials had not been disabled accessed the company’s internal reports and compromised customers’ full names and brokerage account numbers (the personal identification number associated with customers’ stock activity), affecting 8.2 million people. This shows that IT administrators must stay alert about keeping permissions up to date. While it is the duty of the HR department to notify relevant departments when an employee leaves the organization, it is up to the IT department to ensure that permissions are withdrawn immediately.
Incorrect Configuration or Misconfiguration Might Expose Sensitive Data
This was cruelly demonstrated by the Beetle Eye online marketing tool, in which the AWS S3 bucket was left unencrypted, thereby exposing the sensitive data of over 7 million people. Such carelessness makes it easier for intruders to access and download data even from an organization’s servers, as happened in the FlexBooker breach impacting 3.75 million people. The last thing you want is for sensitive data such as Social Security numbers, dates of birth, and other personal information pertaining to your customers, or even your own employees, to surface on the dark web.
Stay Vigilant Always: Letting Your Guard Down Could Spell Disaster
IT administrators should keep scanning and remain watchful for suspicious activity. Shields Health Care Group of Quincy, Mass. discovered a data security breach that seemed to have impacted about 2 million people at dozens of its regional healthcare facilities when it identified suspicious activity in March 2022. This vigilance should extend to checking web applications for zero-day vulnerabilities. Consider how the Texas Department of Insurance identified a data breach caused by incorrect programming code in one of its web applications, which allowed access to a protected area.
Keep a Tight Rein on Who Can Access What
One of the biggest areas of cybersecurity vulnerability arises when organizations are lax about what access is given to whom. Ideally, access should be granted on a strictly need-to-know basis. In emergencies, such as floods, fires, or earthquakes, when it becomes vital to relax permissions so that critical functions keep running smoothly, you should remember to set expiration dates on that access. This is particularly true for people who need only temporary access. If a permission needs to be extended, it should be done on a case-by-case basis.
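The two access checks described above (withdrawing permissions when someone leaves, and putting an expiration date on temporary access) can be run as one recurring audit. The following is an added example, not part of the original article; the record layout, user names, and resource names are constructed for illustration.

```python
from datetime import datetime, timezone

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

# Constructed sample data: HR departure list (user -> last working day)
DEPARTED = {"jdoe": utc(2022, 3, 1)}

# Constructed sample data: access grants exported from an identity system
GRANTS = [
    {"user": "jdoe",    "resource": "internal-reports", "temporary": False, "expires": None},
    {"user": "asmith",  "resource": "payroll-db",       "temporary": True,  "expires": None},
    {"user": "bnguyen", "resource": "dr-console",       "temporary": True,  "expires": utc(2022, 4, 1)},
    {"user": "clee",    "resource": "dr-console",       "temporary": True,  "expires": utc(2022, 6, 1)},
    {"user": "dkim",    "resource": "wiki",             "temporary": False, "expires": None},
]

def audit_grants(grants, departed, now):
    """Return (user, resource, reason) for every grant that needs action."""
    findings = []
    for g in grants:
        left = departed.get(g["user"])
        if left is not None and left <= now:
            # Former employee still holds access: revoke regardless of expiry.
            findings.append((g["user"], g["resource"], "user has left; revoke"))
        elif g["temporary"] and g["expires"] is None:
            # Temporary or emergency access must always carry an end date.
            findings.append((g["user"], g["resource"], "temporary grant has no expiry"))
        elif g["expires"] is not None and g["expires"] <= now:
            # Past its end date: remove, or re-approve case by case.
            findings.append((g["user"], g["resource"], "grant expired; revoke or re-approve"))
    return findings

if __name__ == "__main__":
    for finding in audit_grants(GRANTS, DEPARTED, utc(2022, 5, 1)):
        print(" | ".join(finding))
```
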
Takeaway: Cybersecurity is not a one-off job. It is definitely not a checkbox item. It does not end when you draw up appropriate policies and procedures, or even when you train your team. It is an ongoing activity in which a single careless actor is all it takes to jeopardize the entire organization as well as its clients and customers.