If you’re looking for encouraging cybersecurity news, sorry, there’s little to report today. The latest IT security statistics in the 2020 Risk-Based Security report indicate that when it comes to database security, cyberattackers have the upper hand.
The report cited 48 percent fewer breaches than in 2019. The total number of records breached, however, was a whopping 37 billion! This represents a 141-percent increase over 2019 and the biggest annual total ever.
What’s going on? Two persistent trends contribute to 2020’s record disruption:
- Lack of visibility in stored data. Forty-four percent of companies surveyed in the Risk-based Security survey report that they are blind to data activity of external actors. They cannot identify, let alone respond to, bad actors rooting through their data stores.
- The unstructured data dilemma. Visibility exposes data to analysis and protection via security methods. Many companies have plenty of data to use in decision making. However, much of it is unstructured and therefore invisible. In fact, 80 percent of companies have no idea about the locations or uses of their unstructured data.
The connections between data visibility and security lie at the heart of effective database protection.
Data Security, Visibility, and Risk of Losses
Database security is another IT umbrella term, which includes a wide variety of resources. It embraces practices as well as software tools and controls. All are developed and chosen to protect stored data and to keep it confidential, available, clean, and complete.
So, what is data visibility? You can’t protect data without knowing what you have, where it’s stored, and how it’s used. Data visibility is the ability to:
- See and understand the potential security threats in your environment.
- View these threats in a way that makes sense to executives, IT professionals, developers, business users, and auditors.
Why data visibility matters. The potential negative impact to a business is a high risk of losses that you suffer during and after a cyberattack. Just think of it: lost revenue, brand reputation, and customer loyalty; possible compliance penalties; and many kinds of recovery costs. Here are descriptions of data breaches and data loss, the two most important types of database-related cyberattacks.
Data breaches: the headline stealers
These are the events that hog broadcast and online headlines. Data breaches involve the deliberate, unauthorized entry into data stores. The intent is malicious or illegal, and the target includes valuable information, such as:
- Personal Social Security, credit card, and driver’s license numbers.
- Patient healthcare histories.
- Corporate customer lists and intellectual property such as source code.
Whenever unauthorized parties view or steal this information outright, the organization responsible for protecting the information suffers a data breach.
Companies that suffer identity theft or violations of government or industry compliance requirements caused by a breach often suffer dire consequences—fines, litigation, loss of reputation, or the loss of the right to operate their business.
Data loss: Often low-key but always damaging
From an information consumer’ point of view, data loss is a much less sexy event than data breaches. Even if the volume of data lost is large, there are usually no viruses, AI controlled attacks, or skullduggery involved.
Lost data usually occurs when valuable or sensitive computer information is deleted or damaged, often accidentally. The list of causes includes human error, equipment damage, or power failures that occur during natural disasters.
Studies show that human error and hardware failure are the most common causes of data loss. They account for roughly three-quarters of all data loss incidents.
Database Security Tools and Practices: Potent Weapons
As time passes, more and more solutions become available to solve database security problems. Here is a list of commercial software tools, best practices, and controls that are available now.
- New data mining applications. Data mining is also being applied for intrusion detection, virus identification, and auditing in fraud cases among other uses.
- Continuous security monitoring solutions. CSM is a threat intelligence approach. It supports risk management decisions by automating the monitoring of information security controls, vulnerabilities, and other cyber threats.
- Investigative link analysis solutions. A relatively new solution category, these tools help analysts view formerly hidden patterns and connections that weren’t visible to them until now.
- Security control practices. Security controls help define the processes that enterprises use to prevent, address, audit, and recover from data breaches. You’ll find a summary of control practices changes (and repeats of earlier recommendations) here.
- Data classification solutions. Classify data based on its sensitivity and value to your organization. These apps use automated data classification methods to reduce time and effort needed to analyze data and protect valuable data assets.
- Identity and access management solutions Long a cybersecurity workhorse, these applications control who gets into which part of your data under specific conditions.
Do the statistics we present seem grim? If so, remember that there are plenty of ways to make stored data more visible. IT pros and security specialists can use these weapons to push back the risk of losses in our modern data security wars.