Six causes of Data Breach

Keeping data secure is important to us all and yet, as you have no doubt heard on the news, data breaches continue to happen.  Often this is down a ‘this won’t / can’t happen to me’ approach of lax security.

These are six of the most common causes:

Poorly configured software / firewall may lead to a potential breach. This can be hugely reduced by having a risk assessment which enables you to improve any current risk and by implementing regular reviews you can ensure standards remain high.

Recent (2021) examples:

Social Engineering is a result of human error and people remain the weakest link.  Strong and regular education around risk, endpoint and firewall security will significantly reduce risk and increase protection from a breach.

Recycled and poor passwords leading to stolen credentials is second to ransomware as a breach cause according to the 2022 Verizon Data Breach Investigations Report.  This is arguably the easiest risk to reduce though the use of MFA, cutting out password sharing, using a password manager, changing default passwords, and training employees.

Theft or loss of sensitive devices still happens and this risk could be mitigated by having strong procedures in place.  Wiping data with a solution like DBAN‘s data removal or having a specialist company contracted to collect and destroy could save you a big fine and protect you against reputational damage.

Software Vulnerabilities can be devastating to organisations if patches are not applied quickly as soon as they are available through active risk management.

Default passwords…or even no password at all – comparable to leaving your front door wide open – is still a thing as shown in these examples.

On the plus side, you will be pleased to know that if a leak happens as a result of an employee vendetta you are likely not to be found liable.

 

Shropshire-based Cyber & Data Protection Limited assesses risk and delivers solutions to protect your data