Security Market Segment LS
Monday, 19 April 2021 13:35

Rising number of data breaches must signal a change in security strategy

By Daniel Lai
archTIS CEO Daniel Lai archTIS CEO Daniel Lai

Guest Opinion: It’s widely known that data breaches pose a costly threat to any organisation, but the trend to work from home since the start of the coronavirus crisis a year ago has presented a new set of challenges for IT and security professionals.

This year, the Office of the Australian Information Commissioner (OAIC) released its Notifiable Data Breaches Report, which unveiled an 18 per cent increase in reported breaches due to human error. This was by far the highest percentage increase across the categories and accounted for 38 per cent of breaches overall.

The OAIC warned organisations to reduce the risk of data breaches and prioritise training staff, as well as putting systems in place for detecting and containing breaches. The reality is this: even with user training and visibility, human error is ultimately inevitable, and working from home is likely to increase that error rate. Instead, we must update our security approach to match the new challenge.

Cybersecurity professionals recognise that there is an issue here. Recent research of 287 security professionals conducted by Cybersecurity Insiders found almost three-quarters of organisations are concerned about the security risks of having employees working from home, especially the threat of sensitive data leaving the perimeter. The apps that worry them the most; file sharing (68%), the web (47%), video conferencing (45%), and messaging (35%).

Despite this, 86 per cent of organisations say they are likely to support working from home in the future.

So, if remote work is here to stay and it’s a growing and inevitable cause of human-error led data breaches, what can we do to escape the trap?

Innovative security frameworks like Zero Trust network access are a good starting point, but they are not a silver bullet. Ultimately, we need to extend this granular, trust no one approach to the file level—the weakest link in the traditional security schema.

With standard security technologies, once you’re past the perimeter and have access to an application and file, it’s yours to share, copy, download etc. They won’t cut it in a world where insider threats due to simple mistakes are becoming as prevalent as malicious actors outside your organisation. Dynamic attribute-based access control (ABAC), which takes into account who should be able to access, collaborate, share or copy a given file, and at which times, locations and on what device, provides a more robust solution to prevent both human-error caused breaches and stop malicious insiders who purposefully steal data for personal gain.

Intellectual property, supply chain data and other sensitive information that can be either sold or put to use elsewhere is ultimately the goal of an attacker – inside or outside the organisation. This is likely why the OAIC found that healthcare providers and the finance sector experienced the most breaches, accounting for 38 per cent of total breaches.

Right now, zero-trust network access is only the fourth highest priority for cybersecurity professionals according to Cybersecurity Insiders’ research. This is cause for alarm, as such a low placement would indicate that most organisations are leaning on familiar technologies to solve a new problem.

To futureproof data security strategies and support remote work in the long term, we need to embrace zero-trust data security today or the breach numbers reported will likely continue to increase—adversely impacting any affected organisation’s bottom line and reputation.


Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

VENDOR NEWS