02 Jun Thales 2023 Data Threat Report
Thales annual report looks at the latest data security threats, trends and emerging topics following a survey of nearly 3,000 it and security professionals based in 18 countries including the united arab emirates, and across both private and public sector organisations. Its likely that readers of security middle east will have experienced some form of security threat over the past year. According to thales, more than a third (37%) of those surveyed experienced a data breach in the past 12 months, including 22% who reported that the company they worked for had been a victim of a ransomware attack.
To the cloud, it’s hardly surprising that cloud assets are proving to be the biggest target for cyber attackers. In 2022, 49% of people questioned by Thales said that at least 40% of data stored in the cloud was classified as sensitive. In 2023, this had grown to 75% of people agreeing with that figure. When it came to identifying the most at-risk cloud assets, 28% of people cited saas apps and cloud-based storage, with 26% saying cloud-hosted applications and 25% saying cloud infrastructure management. Sebastien Cano, senior vice president for cloud protection and licensing activities at Thales, said: enterprises continue to see a serious threat landscape. Our findings indicate good progress is being made in certain areas, including MFA adoption and increased use of data encryption.
However, there are still a lot of security gaps regarding data visibility. In an increasingly cloud-first world, organisations must maintain better control over their data so they can serve their stakeholders with greater safety and trust. As data sovereignty and protection regulations around the world tighten, security teams will need far more confidence in protecting where their data is being stored and how it is moving and being used.
Counting the Costs
In light of this changing threat landscape, businesses need to respond and plan their data security strategies accordingly to ensure threats are addressed promptly. However, with simple human error, misconfiguration and other mistakes being named as the leading cause of cloud data breaches it can be difficult to predict human nature. For organisations that had been affected by a data breach in the past 12 months, 55% of respondents noted that human error or misconfiguration was the primary cause. As a result, a majority of 28% of those surveyed said identity and access management (IAM) was the best line of defence and the most effective tool to mitigate the risk of a simple mistake causing a catastrophic breach. Just because an organisation isn’t being attacked by a nefarious individual doesn’t mean a breach as a result of human error is small. Simple mistakes like a file being deleted or information shared with the wrong person are far more common than cyberattacks and so their impact on a business can be significant.
Not only can they be costly mistakes, but they can also lead to unnecessary downtime. In fact, figures highlighted by Datto revealed that human error was the number one culprit for downtime. When an engineer working at a data centre near Londons Heathrow Airport reconnected a power supply in a rush he could never have anticipated that it would lead to the mass cancellation of flights, 75,000 British Airways passengers grounded and cost the airline some 80m in lost revenue and compensations. But his actions caused a power surge, which meant massive damage to British Airway’s information technology systems.
For Sony, when confidential company data was released online it wasn’t just the estimated $15m it ended up costing the company but the reputational damage. It is widely believed that the company was the victim of a targeted phishing campaign which saw employees clicking on malicious emails which gave hackers access to the Sony network.
Human Errors to watch out for
Once you’re able to identify the most common simple mistakes that employees make it becomes much easier to tackle them. Key ones to look out for include:
Accidental file deletion
If spotted early at the time it happens it can be easier to deal with. When it’s not picked up until later if is harder to manage, especially if the file name cant be recalled, or the date it was deleted. Having a backup in place can help to avoid too much disruption.
Social engineering attacks are instigated by a hacker, but it is human error that leads to the breach. Cyberattackers will target employees with an email that is designed to trick employees into believing it is legitimate when in fact it carries malicious attachments. Attackers are using increasingly more sophisticated methods and the key to avoiding trouble is educating all employees and having best practices in place to ensure they know how to handle and verify such emails.
Another potential opportunity for data loss and breaches is when third-party software is integrated, particularly if the integration includes any kind of data migration. Anyone adding new software must ensure it comes from reputable sources and is compatible with systems currently being used. It’s also a good idea to use test environments to spot any errors before it is fully rolled out.
Ultimately strengthening your protocols against human error will help to shore up your organisation’s defences. Training will go a long way to achieving this. All staff should receive regular training, not only on the basics such as how to save, modify and delete files or folders but also on the risks of data breaches and how to recognise phishing emails. Make sure staff know who to contact should an incident occur and that they understand how vital it is to contact them immediately when they realise something is wrong. Time really can be of the essence in some cases.
Tighter access control limits can also be initiated to ensure that people only have access to the data they need and only for the length of time it is needed. This approach should always be the least privileged approach, which will limit how much data they have access to, reducing the volume of data that could be accidentally breached. While it can’t prevent data from being mishandled, it will help to protect more of your sensitive data. Human error data breaches are not entirely preventable but the use of intelligent software can also help. By automating more tasks such as gathering, sorting or categorising data you can also minimise potential risks at this stage.