Thales Blog

Data Breaches On The Rise; Our Latest Insider Threat Report Explains

April 10, 2014

Tina Stewart Tina Stewart | VP, Global Market Strategy More About This Author >

Last month, I called out the Top 5 Data Breach Trends for 2014.

  • Trend 1—Revenue Loss Means Board Room Focus
  • Trend 2—Retail Breaches: An Easy Target
  • Trend 3—Cloud and Big Data= Big Target for Cybercriminals
  • Trend 4—Government and Healthcare: High Risk
  • Trend 5—Compliance Will Grow Bigger Teeth

Since then, supermarket chain Morrisons suffered an insider attack through stolen staff payroll systems that were published online which links back to trend 2; retail data breaches an easy target.

Also surfacing this week—18 million email identities were stolen in Germany (said to be one of the largest in the country), with the source yet to be identified. The Federal Office for Information Security (known by its German abbreviation BSI) has been working in collaboration with email service providers in the country — including Deutsche Telekom, GMX, and Vodafone — to notify those who may have been affected. This incidence relates to trend 3; email service providers are cloud solutions.

Highlighting trend 5—here in the states, the Federal Trade Commission has asked Congress to pass a national breach notification bill, which would require companies that have had their systems compromised to alert consumers and appropriate government authorities within a specific time frame. According to an article by David Weldon in FierceCIO, “the legislation is intended to correct a situation in which a company could withhold such information for long periods of time while it tries to resolve the problem internally, but leave customers at long-term risk of identity theft and personal data compromise.”

Trend 5 indicates compliance will grow bigger teeth, and with data breaches on the rise, our recently released 2014 Vormetric Insider Threat Report conducted by Ovum, looked into the top threats security professionals face in European including:

  1. Meeting compliance requirements –40%
  2. Requirements or expectations from customers—30%
  3. Advanced Persistent Threats (APTs)—30%

When we ran a similar study back in October 2013, we found that, surprisingly, Europe feels less vulnerable than the US. The map below showcases the differences between Europe and the US.

The Insider Threat Report also indicated that 34 percent of German companies’ privileged user accounts such as system, database or network administrators are the greatest threat to their businesses. So-called insiders by employees or consultants are no longer limited to conventional users with legitimate access rights that abuse their position to steal data for personal purposes.

The Wall Street Journal reporter Amir Mizroch published an article surrounding our latest report saying, “The survey typically looks at internal IT threats. Respondents were also asked about their biggest internal threat to corporate technology security. About 50% said it was employees using their personal devices to access corporate data.” The new European compliance rules set to standardize companies’ size and shape of privacy logos displayed while browsing the web have angered internet organizations. The rules come with fines of as much as 5% of global turnover for violations, but EU member states are divided about how–or whether–to implement them.

Basic Tips to protect what matters, where it matters

As important as it is to focus on the prevention of cybercriminals and data breaches, it is also important to recognize that no one solution will provide you with everything you require. If you think of a data breach in the terms of “not if but when,” your company can plan a rational defense-in-depth data security strategy as well as response strategy should a breach occur. To that end, enterprise business can start now by putting together the best architecture to protect intellectual property, personal and/or sensitive data, and be compliant too! In addition, if a cyber-related incident does happens, you can also plan a response that can be swift so resources are deployed efficiently. Too many organizations wait until they have actually suffered a serious data breach before attempting to come up with a process for dealing with such a situation – which amounts, effectively, to making very difficult decisions in the public eye and board room. If you are unable to be fully preventative, an effective rapid response plan will likely lead to faster and better choices, which in turn will help to mitigate any damage that may have been caused. But since data can’t defend itself, the best bet is to encrypt and manage access as your initial starting point.

Comments or questions? Share them with me below or on Twitter @Vormetric or @SocialTIS.