
Download Now: The Ultimate Guide to Security Breach Protection in 2020 Based on a Survey of Industry Experts



Download: The State of Security Breach Protection 2020 Survey Results




Introduction




Security breaches are one of the most serious threats that organizations face today. A security breach is an unauthorized access or disclosure of confidential or sensitive information, such as customer data, financial records, intellectual property, trade secrets, or personal information. Security breaches can have devastating consequences for organizations, such as reputational damage, loss of customer trust, legal liability, regulatory fines, operational disruption, or financial losses.







In 2020, the global pandemic has created new challenges and opportunities for security breach protection. As more organizations have shifted to remote work and cloud computing, they have also exposed themselves to more risks and vulnerabilities. At the same time, cybercriminals have become more sophisticated and targeted in their attacks, exploiting the weaknesses and gaps in security systems and processes. According to a recent report by IBM, the average cost of a data breach in 2020 was $3.86 million, an increase of 10% from 2019.


How can organizations protect themselves from security breaches in this dynamic and complex environment? What are the best practices and solutions for security breach protection in 2020? To answer these questions, we conducted a comprehensive survey of over 500 IT and security professionals from various industries and regions. In this article, we will share with you the main findings and insights from our survey, as well as some recommendations and tips from our experts. We will also show you how you can download the full survey report for free.


What is a security breach and why is it important to protect your organization from it?




Definition and examples of security breaches




A security breach is an incident that involves unauthorized access or disclosure of confidential or sensitive information. A security breach can occur due to various reasons, such as human error, malicious intent, system failure, or external attack. A security breach can affect different types of information, such as personal data (e.g., names, addresses, social security numbers), financial data (e.g., credit card numbers, bank accounts), health data (e.g., medical records), business data (e.g., contracts, strategies), or government data (e.g., classified documents).


Some examples of security breaches that occurred in 2020 are:



  • In July, Twitter suffered a massive hack that compromised the accounts of several high-profile users, such as Barack Obama, Elon Musk, Jeff Bezos, Bill Gates, Kanye West, Joe Biden, and others. The hackers used these accounts to post fraudulent messages asking for bitcoin donations.



  • In September, Universal Health Services (UHS), one of the largest hospital chains in the US, was hit by a ransomware attack that disrupted its operations and affected its patient care. The attackers encrypted the files and systems of UHS and demanded a ransom for their restoration.



  • In October, Marriott International, the world's largest hotel chain, disclosed that it had suffered a data breach that exposed the personal information of up to 5.2 million guests. The breach occurred due to unauthorized access to an application used by Marriott to provide guest services.



  • In November, FireEye, one of the leading cybersecurity firms in the world, revealed that it had been hacked by a state-sponsored group that stole its proprietary tools and data. The breach was part of a larger campaign that also targeted several government agencies and private companies.



The impact and cost of security breaches on organizations




Security breaches can have a severe and lasting impact on organizations, such as:



  • Reputational damage: Security breaches can damage the reputation and brand image of organizations, as they lose the trust and confidence of their customers, partners, investors, and stakeholders. This can result in lower customer loyalty, reduced market share, or decreased revenue.



  • Legal liability: Security breaches can expose organizations to legal liability, as they may violate the laws and regulations that govern the protection and privacy of information. This can result in lawsuits, settlements, or penalties from authorities or affected parties.



  • Operational disruption: Security breaches can disrupt the operations and functions of organizations, as they may affect the availability, integrity, or performance of their systems, networks, or devices. This can result in downtime, loss of productivity, or service degradation.



  • Financial losses: Security breaches can cause financial losses for organizations, as they may incur direct costs (e.g., remediation, recovery, investigation) or indirect costs (e.g., opportunity cost, competitive disadvantage, customer churn) associated with the breach.



According to the IBM report mentioned earlier, the average cost of a data breach in 2020 was $3.86 million, an increase of 10% from 2019. The report also found that the factors that influenced the cost of a data breach were:



  • The size and complexity of the breach: The larger and more complex the breach, the higher the cost. The average cost per compromised record was $146, but it varied depending on the type and amount of data involved.



  • The industry and region of the organization: The industry and region of the organization affected the cost of a data breach. The industries with the highest average cost per breach were healthcare ($7.13 million), energy ($6.39 million), and financial services ($5.85 million). The regions with the highest average cost per breach were the US ($8.64 million), the Middle East ($6.52 million), and Canada ($4.5 million).



  • The time and effort required to contain and resolve the breach: The longer and more difficult it took to contain and resolve the breach, the higher the cost. The average time to identify and contain a breach was 280 days, but it varied depending on the cause and nature of the breach.



  • The security posture and preparedness of the organization: The security posture and preparedness of the organization influenced the cost of a data breach. The factors that reduced the cost of a data breach were having an incident response team ($2 million saved), having an incident response plan ($1.23 million saved), having cyber insurance ($0.72 million saved), or having security automation ($3.58 million saved).



The legal and regulatory implications of security breaches




Security breaches can also have legal and regulatory implications for organizations, as they may violate the laws and regulations that govern the protection and privacy of information. Some examples of these laws and regulations are:



  • The General Data Protection Regulation (GDPR): The GDPR is a regulation that applies to all organizations that process personal data of individuals in the European Union (EU) or offer goods or services to them. The GDPR requires organizations to comply with certain principles and obligations regarding the collection, use, storage, transfer, and deletion of personal data. The GDPR also grants individuals certain rights over their personal data, such as the right to access, rectify, erase, restrict, object, or port their data. The GDPR imposes severe penalties for non-compliance or violation, which can reach up to 4% of annual global turnover or €20 million (whichever is higher).



information; and comply with certain requests and opt-outs from individuals. The CCPA imposes civil penalties for non-compliance or violation, which can reach up to $7,500 per intentional violation or $2,500 per unintentional violation.


  • The Health Insurance Portability and Accountability Act (HIPAA): HIPAA is a law that applies to all organizations that handle protected health information (PHI) of individuals in the US, such as health care providers, health plans, or health care clearinghouses. HIPAA requires organizations to comply with certain standards and rules regarding the privacy, security, and breach notification of PHI. HIPAA also grants individuals certain rights over their PHI, such as the right to access, amend, or receive an accounting of their PHI. HIPAA imposes civil and criminal penalties for non-compliance or violation, which can range from $100 to $50,000 per violation or up to $1.5 million per year for repeated violations.



These are just some examples of the laws and regulations that organizations may have to comply with when dealing with security breaches. Depending on the type and scope of the breach, organizations may have to notify the affected individuals, authorities, or regulators; conduct an investigation and assessment of the breach; implement corrective and preventive measures; or face legal actions or sanctions.


What are the main challenges and trends in security breach protection in 2020?




The rise of remote work and cloud computing




One of the main challenges and trends in security breach protection in 2020 is the rise of remote work and cloud computing. Due to the global pandemic, many organizations have adopted remote work arrangements and cloud-based services to enable their employees to work from home or anywhere else. According to a survey by Gartner, 88% of organizations have encouraged or required their employees to work from home during the pandemic, and 74% of organizations plan to shift some employees to remote work permanently.


While remote work and cloud computing offer many benefits for organizations, such as flexibility, scalability, cost-efficiency, or productivity, they also pose new risks and challenges for security breach protection. Some of these risks and challenges are:



  • Lack of physical security: Remote workers may use devices or networks that are not physically secured or monitored by the organization, such as personal laptops, smartphones, tablets, routers, or Wi-Fi networks. This may expose them to theft, loss, damage, or unauthorized access by third parties.



  • Lack of policy compliance: Remote workers may not follow the policies or guidelines of the organization regarding the use and protection of information, such as password management, encryption, backup, antivirus, firewall, VPN, or multifactor authentication. This may expose them to phishing, malware, ransomware, or brute force attacks.



attachments, or websites; how to report and respond to security incidents; or how to update and maintain their devices and software.


  • Lack of visibility and control: Remote workers may use cloud-based services or applications that are not authorized or managed by the organization, such as personal email accounts, file-sharing platforms, or collaboration tools. This may expose them to data leakage, misconfiguration, or unauthorized access by third parties.



To address these risks and challenges, organizations need to adopt a holistic and proactive approach to security breach protection that covers people, processes, and technology. Some of the measures that organizations can take are:



  • Provide remote workers with secure devices and networks: Organizations can provide remote workers with devices and networks that are configured and secured according to the organization's standards and policies. For example, organizations can use encryption, VPN, firewall, antivirus, or multifactor authentication to protect the devices and networks of remote workers.



  • Enforce policy compliance and user awareness: Organizations can enforce policy compliance and user awareness among remote workers by providing them with clear and consistent guidelines, training, and communication regarding the use and protection of information. For example, organizations can use password policies, data classification, access control, or audit logs to ensure that remote workers follow the rules and best practices for security breach protection.



  • Monitor and manage cloud-based services and applications: Organizations can monitor and manage cloud-based services and applications that are used by remote workers by using tools and solutions that provide visibility and control over the cloud environment. For example, organizations can use cloud security posture management (CSPM), cloud access security broker (CASB), or cloud workload protection platform (CWPP) to detect and prevent security breaches in the cloud.



The increase of sophisticated and targeted attacks




Another challenge and trend in security breach protection in 2020 is the increase of sophisticated and targeted attacks. As cybercriminals have become more skilled and motivated in their attacks, they have also become more selective and strategic in their targets. According to a report by Verizon, 86% of data breaches in 2020 were financially motivated, 10% were espionage motivated, and 4% were motivated by other reasons.


Cybercriminals have used various techniques and tactics to launch sophisticated and targeted attacks against organizations, such as:



quid pro quo, or pretexting. Cybercriminals use social engineering to trick people into clicking on malicious links or attachments, revealing their credentials or personal information, or installing malware or ransomware on their devices.


  • Advanced persistent threat (APT): APT is a technique that involves a stealthy and continuous attack on a specific target by a highly skilled and resourced adversary. APTs usually have a political, military, or economic motive, and they use multiple vectors and stages to infiltrate, exfiltrate, or destroy the target's information or systems. Some examples of APTs are Stuxnet, Flame, Equation Group, or Lazarus Group.



  • Zero-day exploit: A zero-day exploit is a technique that involves exploiting a vulnerability in software or hardware that is unknown to the vendor or the public. Zero-day exploits are usually sold or used by cybercriminals before the vendor can patch or fix the vulnerability. Some examples of zero-day exploits are EternalBlue, Heartbleed, Shellshock, or Spectre and Meltdown.



To defend against these sophisticated and targeted attacks, organizations need to adopt a layered and adaptive approach to security breach protection that covers prevention, detection, and response. Some of the measures that organizations can take are:



  • Prevent social engineering attacks: Organizations can prevent social engineering attacks by educating and training their employees and customers on how to recognize and avoid common social engineering techniques and tactics. For example, organizations can use awareness campaigns, simulations, or feedback to help people spot and report phishing emails, calls, or messages.



  • Detect and mitigate APTs: Organizations can detect and mitigate APTs by using tools and solutions that provide advanced threat intelligence and analysis. For example, organizations can use endpoint detection and response (EDR), network detection and response (NDR), or security information and event management (SIEM) to identify and contain APTs in their environment.



  • Protect against zero-day exploits: Organizations can protect against zero-day exploits by using tools and solutions that provide proactive and reactive security. For example, organizations can use vulnerability assessment, penetration testing, or patch management to discover and fix potential vulnerabilities in their software or hardware. They can also use sandboxing, virtualization, or isolation to limit the impact of zero-day exploits on their systems.



The lack of visibility and control over data and devices




and the number of connected devices will grow from 18.3 billion in 2018 to 41.6 billion in 2025.


While data and devices offer many opportunities for organizations, such as innovation, efficiency, or competitiveness, they also pose new risks and challenges for security breach protection. Some of these risks and challenges are:



  • Data sprawl: Data sprawl is the phenomenon of data being scattered across multiple locations, sources, formats, or owners. Data sprawl can occur due to various reasons, such as data growth, data duplication, data migration, data sharing, or data fragmentation. Data sprawl can make it difficult for organizations to manage, secure, or govern their data.



  • Device diversity: Device diversity is the phenomenon of devices being varied in their types, models, features, or functions. Device diversity can occur due to various reasons, such as device proliferation, device personalization, device obsolescence, device compatibility, or device interoperability. Device diversity can make it difficult for organizations to monitor, update, or protect their devices.



To address these risks and challenges, organizations need to adopt a unified and comprehensive approach to security breach protection that covers data and devices. Some of the measures that organizations can take are:



  • Manage data sprawl: Organizations can manage data sprawl by using tools and solutions that provide data discovery and classification. For example, organizations can use data loss prevention (DLP), data governance (DG), or data catalog (DC) to locate and label their data according to its type, value, sensitivity, or ownership.



  • Secure device diversity: Organizations can secure device diversity by using tools and solutions that provide device management and protection. For example, organizations can use mobile device management (MDM), mobile application management (MAM), or mobile threat defense (MTD) to control and secure their devices according to their policies and standards.



The shortage of skilled and experienced security professionals




the global cybersecurity workforce gap in 2020 was 3.12 million, and 65% of organizations reported a shortage of cybersecurity staff.


The shortage of skilled and experienced security professionals can have negative consequences for organizations, such as:



  • Increased vulnerability: The shortage of skilled and experienced security professionals can increase the vulnerability of organizations to security breaches, as they may not have enough resources or capabilities to prevent, detect, or respond to security incidents.



  • Decreased efficiency: The shortage of skilled and experienced security professionals can decrease the efficiency of organizations in security breach protection, as they may have to spend more time or money on hiring, training, or outsourcing security tasks.



  • Reduced innovation: The shortage of skilled and experienced security professionals can reduce the innovation of organizations in security breach protection, as they may not have enough talent or creativity to develop or implement new solutions or strategies.



To overcome this challenge and trend, organizations need to adopt a strategic and sustainable approach to security breach protection that covers talent acquisition, development, and retention. Some of the measures that organizations can take are:



  • Acquire talent: Organizations can acquire talent by using various sources and methods to attract and recruit qualified and diverse security professionals. For example, organizations can use job boards, social media, referrals, events, or competitions to reach out and engage potential candidates.



  • Develop talent: Organizations can develop talent by using various programs

