IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
internet of things
#
work from home
Search
Story image
#
Cybersecurity
#
CIOs
#
Cyber attacks
From a drip to a flood - the impact of a data leak
Tue, 14th Jun 2016
FYI, this story is more than a year old
By Staff Writer
Follow us

Article sourced from welivesecurity

Data leaks, especially from an organization's point of view, are a huge and growing problem (and when we say leak, we mean emerging internally, maliciously or accidentally). More and more businesses are certainly of that opinion, which is a good thing, as the fallout can be devastating.

While not technically a new development, the manner in which sensitive information can spill out of an enterprise is indicative of the zeitgeist. Assets are, by and large, digital and can therefore ‘exit the building', in a manner of speaking, in more novel ways. This is something that many organizations are still getting used to. And the sooner, the better – the four pain points documented below are testament to that.

Data leak pain point #1: Financial losses

You can break records, but for all the wrong reasons, as St. Joseph Health System learnt recently. As a result of “misconfigured security settings”, 31,000 patient health records were exposed online for close to a year. The cost of this preventable blunder? A painful $28 million.

Key takeaway, courtesy of ESET's Lysa Myers, is to appreciate the financial severity of a leak: “This settlement should give businesses a clear idea of the rising cost for failing to properly protect all personal data in their care properly.

Data leak pain point #2: Brand damage

Last year, TalkTalk experienced a major data breach, affecting 157,000 of its customers. It was a huge story and needless to say, the impact, in terms of brand damage – the financial damage was later reported as being severe – swiftly devastating. A poll carried out in the immediate aftermath found that TalkTalk had already lost favor with members of the public.

Key takeaway, courtesy of WeLiveSecurity contributor Graham Cluley, is to be careful about how you respond to a breach: “Reading TalkTalk's statement I find it hard to feel that they aren't trying to put a positive ‘spin' on things – they claim ‘only 4%' of customers were affected, and play down the risks posed by some of the stolen data.

Data leak pain point #3: Legal liability

Consumers expect organizations to bear ultimate responsibility for data leaks and, legally speaking, this expectation is gaining legislative support. For example, last year, the US Court of Appeals for the Third Circuit ruled that the FTC in the US has the power to punish enterprises that fail to invest in cybersecurity.

Key takeaway, courtesy of ESET's Stephen Cobb, is to understand the legal aspects surrounding data security: “The negative publicity of an FTC action is the last thing your company wants to experience … [especially] when you are trying to restore the trust and goodwill of the customers and the market.

Data leak pain point #4: Business continuity disruption

With more and more organizations moving parts of their operations online, or launching web-only enterprises, it's important to prepare for all sorts of threats that might disrupt the normal flow of their operations. This is something small businesses signed up to Moonfruit learned in 2015, when the website builder took down their websites as a security measure in the run up to Christmas.

Key takeaway, courtesy of Mr. Cobb, is to appreciate that “business continuity is vital”: “Any company of any size can improve its chances of coming through a disruptive event in one piece – with its brand intact and its revenue undiminished – by following some tried and trusted strategies.

Article sourced from welivesecurity

Related stories
Biometrics market projected to reach USD $173.7bn by 2032, says report
Smart Water Meters set to revolutionise Australian utilities
SentinelOne makes it to CRN's inaugural AI 100 list
Infinigate launches digital platform to aid business digitalisation
Watch out! There are hidden dangers lurking in your PDFs
Top stories
Pegasystems introduces AI coach to boost workflow efficiency
How esports is improving career prospects for growing numbers of students
Confluent lauded in IDC MarketScape reports for data streaming prowess
Fujitsu strengthens cyber security with new Australian, NZ division
Booming AI deepfake detector market set to hit USD $5.7 million by 2034