Data Protection: A Wake-Up Call

As our nation’s infrastructure is getting attacked — IT, oil, and now food — data protection has become headline news. “This is a serious wake-up call...a real national security issue,” states Tom Kelly, president and CEO of IDX in a radio interview regarding the latest attack on the largest meat processor in the world.

Where are we now? “We are definitely in the midst of a data security crisis,” reports The Hill in the article, Protecting American data is the real crisis in national security. Author, Jack H. Jacobs writes how everything we do today is composed of data, “data in transit as it moves among companies, or countries, or within communities.” Indeed. We have a lot of data to collectively protect (the data universe will consist of 175,000,000,000,000 gigabytes — by 2025.) Consider these cybersecurity statistics: there is a ransomware attack on business every 11 seconds and there is a hacker attack every 39 seconds.

Data Protection: What’s at Stake

There are six months left in 2021 to make some changes and end the year a little stronger. Let’s take a look at some recent data security statistics impacting the cybersecurity landscape. Verizon’s 2021 Data Breach Investigations Report offers insight into the latest breach trends, including how phishing, social engineering, and internal risk factors are on the rise:

• Phishing attacks account for 32% of successful breaches. This is the #1 cause of data breaches, up by 11% over last year. The vast majority of these attacks, or 96%, happen via email.
• Employees and errors happen...regularly. Misdelivery — sending a sensitive email to the wrong individual — represents one of the most common forms of human error across industries.
• Malware is prevalent. Email remains the main source for spreading phishing and malware; malware is present in 28% of cyber-attacks.
• Data breach trending. Nearly half of breaches, or 45%, involved hacking. External parties discovered 80% of data breaches. A third, or 33%, included social engineering.

What can organizations do to address and minimize these latest threats?

Phishing attacks are an internal, employee risk that can be improved with ongoing education and training — and taking proactive steps to manage good data privacy and security practices. What types of data are most compromised? According to Verizon, credentials, personal data, internal data, medical data, and bank data. Many bad actors use this information to social engineer an attack by manipulating human behavior. Mobile devices, according to the report, are now more prone to social engineering attacks such as phishing, pretexting, and bribing. So, even if you try to keep your work lives and private lives separate, your habits and the information you share on social media can be used to social engineer a hack against the company you work for.

In a recent PwC 24th Annual Global CEO Survey, CEOs were asked how concerned they are about potential threats to their organization’s growth. An overwhelming 47% of respondents cited cyber threats, second only to the pandemic and health crisis. Organizations across industries want to prioritize data protection — the world’s most valuable (and vulnerable) resource — so it’s no wonder that cybersecurity spending is expected to reach $150.4 billion this year, according to Gartner. Yet, cybersecurity continues to be a challenge for many. Financial services organizations are faced with credential theft and ransomware, whereas retailers are faced more frequently with phishing attacks.

EY talks about the intensification of cybersecurity risk. “It’s time for a new take on protecting the organization: ensuring day-to-day resilience as well as a proactive, pragmatic, and strategic approach that considers risk and security from the onset,” states EY. Kelly outlines tips to improve professional and personal online security, including audits and products to help clean up your online history and guard your online security, such as IDX Privacy. Check out 5 Tips for Starting Better Online Privacy Habits for more details.

Embracing cybersecurity best practices and implementing a proactive approach to protect your employees and customers — and your business — can go a long way in protecting the zillions of gigabytes of data. With 6 months remaining in the year, now is a great time to follow through with data protection actions that we have collectively been talking about.