Cybersecurity is a trending topic, derived from numerous attacks brought with COVID-19. It is necessary to discuss the damages that databases of companies can suffer so that more people are aware of the dangers to which their companies are exposed to. Now, what information is at risk when we talk about cyberattacks? All, but this time we will focus on data breaches and specifically personal data.
TechTarget defines a data breach as a “confirmed incident in which sensitive, confidential or protected data has been viewed, robbed or used by an unauthorized person”. Data breaches can involve trade secrets, manufacturing processes, intellectual property, payment card information, personal health information (social security numbers and records), personal-identifiable information, and more.
Personal data are those that are in the name of their owners, and who have rights over them such as access, rectification, cancellation, and opposition. Within personal data, sensitive and confidential data exist. These imply any information related to a natural person, whether identified or identifiable, before which there is an obligation of safeguarding on the part of its holders and protection to avoid its disclosure or misuse. This applies both to clients and employees.
International recognition of the protection of personal data as a human right is such a priority that the problem of its vulnerability does not essentially lie in the public sphere; the problem is centered on the information that passes into the hands of companies and are not given proper treatment. The content of personal information is so important to daily operations that it requires safe handling, storage and monitoring.
Besides 'hackers' and computer viruses, the greatest risk lies within employees, either because they access data without authorization or because they do not know how to handle information. In fact, according to IBM, the human error is the cause of 24% of data breaches.
Here are some other facts to consider:
Why take care of personal data?
Unfortunately, and more so in these times, attacks, and the number of fraud-related incidents to obtaining valuable, personal information for unethical purposes has increased. In addition, as mentioned above, employees must be trained to learn how to properly take care of their data and their company’s information to avoid leaks. It should be borne in mind that security obligations and possible fines have increased within countries, visible in trade agreements.
The protection of personal data is an obligation for employers. If something is leaked, the reputation of their company could be at risk, they can suffer extortion, be claimed of negligence, and even lose trust. Apart from this, no company can excuse itself for not fulfilling its responsibility of taking care of their employees personal data and also that of its clients, since it would infringe serious international laws that impose with severe fines.
What can companies do to avoid data breaches?
This is an issue that no company should stop paying attention to if it wants to ensure their integrity, that of its employees and customers. Now more than ever, it is time to take serious action on the way companies handle information and provide education, so everyone knows how to safely use what is stored in companies’ databases.
The handling of data depends a lot on business values where ethics prevail in this matter. Employees must be trained up to date in this field to ensure that personal and overall data will not leak or fall into the wrong hands. Considering human error, companies should always be prepared to respond to a security breach if databases are hacked. IT teams must be able to react and safeguard the information and integrity of the company to prevent attackers from getting what they want.
Is your company ready?
Employing an incident response team can reduce the average cost of a data breach by $360,000 USD – IBM
THETA432 offers elite cyber security protection to keep businesses safe. We provide tool agnostic, platform independent, cyber defense playbooks, and procedures to ensure that networks are defensible, visible, and protected from the wide range of online attacks that can severely damage companies most valuable and vulnerable data. Focus on your daily operations and let cybersecurity experts take care of what matters most.
Bit Life Media. (2020). Los principales ciberataques y brechas de datos de 2020. Website of Bit Lifemedia.: https://bitlifemedia.com/2020/08/los-principales-ciberataques-y-brechas-de-datos-de-2020/
O’ Driscoll, A. (2020). 30+ data breach statistics and facts. Website of Comparitech. https://www.comparitech.com/blog/vpn-privacy/data-breach-statistics-facts/
Statista. (N.A.). Data breaches recorded in the United States by number of breaches and records exposed. Website of Statista: https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/
TechTarget. (N.A.). Data breach. Website of TechTarget: https://searchsecurity.techtarget.com/definition/data-breach
Winder, D. (2020). Data breaches expose 41 billion records in first six month of 2019. Website of: https://www.forbes.com/sites/daveywinder/2019/08/20/data-breaches-expose-41-billion-records-in-first-six-months-of-2019/#60587ff0bd54
Jorge Daniel Tejeda