The words “data breach” are enough to throw fear into the hearts of IT security professionals and business people across alike. There are so many potential repercussions when something happens to your sensitive data. Customers leaving. The cost of notification. News stories that share your predicament with the world. Time spent away from other projects on cleanup and remediation of any holes. It can be almost paralyzing to think about the long-term negative effects on your business, but are you truly clear on what is considered a data breach?
Data Breach or a Hack?
While mainstream media may use the words “hack” and “data breach” interchangeably, these are two distinct cybersecurity events. The word hack brings to mind a shadowy figure in a dark room with plenty of computer monitors scattered in an array — just looking for a vulnerability in a particular system. The reality is that the setting may be different, but the malicious actor or actors is real. Someone, somewhere is actively attempting to break down the cyber defenses of your business in an attempt to hold your system for ransom or steal lucrative private information. While knowing that your system has been infiltrated, or hacked, is bad news it isn’t necessarily the worst news. Your private data may still be safe if it’s held within a more secure subsystem.
A data breach is somewhat different, and occurs when data that is unintentionally left vulnerable through human error or negligence is viewed by someone who is not authorized to view it. This covers a wide range of behavior from someone in the wrong department viewing personal data and jotting down a credit card number for later use to the massive data loss that Equifax experienced where the personal information of 143 million Americans was exposed to attackers.
What Gets Stolen in a Data Breach?
While financial information such as bank and credit card information is of prime interest to cyber criminals, personally identifiable information (PII) is also a big target. This could be anything from Social Security number, birth dates, family names and more — anything that could be used to impersonate an individual and steal their identity. Names and email addresses, physical addresses are all of interest to individuals, too. Email addresses are a hot commodity simply because hackers are then able to target people with phishing attacks that share enough personal information that they seem to be from a legitimate business. Clicking on the links within the emails can expose additional personal information or provide access to your computer through malware.
Data Breach Statistics
Sure, this all sounds bad, but it won’t happen to your business. Maybe, maybe not — but you’re definitely better safe than sorry in this case! More than 12 million credit card numbers were exposed in 2017 alone, a number that skyrocketed 88% over 2016. There are no organizations that are immune, especially businesses such as dental or health practices or law offices. Even small offices are vulnerable to this type of criminal activity or employee negligence such as weak or insecure passwords. What’s worse is that it takes up to 191 days on average for an organization to realize that their data has been compromised.
Active monitoring is one of the best ways to ensure that your business systems and stored personal information stays secure. With CoreArmore from Coretelligent, you can be confident that your business is secure and that our dedicated, holistic approach will help protect the digital assets of your business. Our cyber security professionals will work closely with you to analyze your needs and deploy the most relevant solutions to maintain a high level of security. Contact us today at 855-841-5888 or via email to firstname.lastname@example.org to get started protecting your business.