August 30, 2018

8 Strategies to Help Stop a Cyber Attack from Becoming a Data Breach

Cyber attacks
are a reality for individuals and businesses today and it’s become important to have processes in place that stop attacks from becoming full-out data breaches.  

According to a recent blog post, the most expensive component of a cyber attack is information loss, which represents 43% of costs.

The 2018 Global Threat Report by Thales showed that more than 7 in 10 of all organizations in the U.S. were affected by a data breach in some way over the past few years. About 46% of organizations experienced a breach incident in the past year, almost double the 24% reported in 2017.

Ponemon’s Third Annual Study on the Cyber Resilient Organization showed that organizations still need to improve their protective measures against cyber attacks. In the research, 57% of respondents said the time to resolve an incident has increased while 65% reported that the severity of cyber attacks has increased.

Here are 8 safeguards that can help stop a cyber attack from becoming a data breach.

  1. Formalized data security policies: Put stringent policies in place around the handling of confidential information in and out of the workplace. Highlight data in email, web browsing, removable media, and personally owned devices. Train mobile users on the secure use of their devices. The 2018 State of the Industry Report from Shred-it showed that while over 90% of North American business leaders trust their employees with confidential information when working off-site, 51% of C-Suites in the U.S. say electronic devices like laptops and mobile phones have been lost or stolen while employees were working off-site.
  2. Culture of security:  Implement a culture of security from the top down to instill the concept that cyber security belongs to everyone. Teach security awareness, promote data security in emails, posters and other communications, and reward employees who are committed. Make security a seamless process by embedding secure processes such as professional document shredding.   
  3. Incident response plan: 77% of organizations in the Ponemon study say they don’t have a formal cyber security incident response plan. Incident response is an organized approach for handling events affecting the security of computer systems or networks – and all companies need one.
  4. Security aware workforce: Not having skilled personnel dedicated to cyber security was the second biggest barrier to cyber resilience in the Ponemon study with only 29% having appropriate staffing. Create defined hiring criteria and on-going training that focus on security policies and procedures.
  5. Strong passwords: Make sure staff is aware of internal policies and enforce regular password updates with automated processes wherever possible.
  6. Technology: Protect all hard drives and computers with the latest safeguards to help decrease the severity and volume of cyber attacks. This includes vulnerability scanning, patch management, identity management and authentication, and intrusion detection and prevention systems. Scan for malware, and protect all host and client machines with antivirus solutions.
  7. Encrypted data: Encrypt all data in transit and at rest.
  8. Locked down systems: Many cyber attacks occur when equipment is stolen. Make sure all systems are physically secured and server room doors are closed and locked. Do not stockpile, recycle or resell legacy equipment.

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.