In 2018, it is an unfortunate truth that data breaches happen with increasing regularity. One recent incident was the September 6 British Airways data breach, where 380,000 card payments were exposed, but this is just one of many breaches that has happened in recent years.
Unfortunately, many businesses fail to detect data breaches before they've caused their damage. Often surprising incidents, data breaches happen more often with the age of technology and data. A new report from the SANS Institute found that those who didn’t know they had a breach drastically jumped from 10 percent in 2017 to 20 percent in 2018. That means more people are susceptible to data breaches than ever. While there are tools and resources out here meant to tackle the problem of cyber attacks, many businesses to this day fail to properly utilize them. Here’s a closer look at why so many businesses fail to detect data breaches.
Why Cyber Security Breaches Happen
Cyber security is a complicated subject. Organizations have to provide instant access while keeping important data safe. Some factors leading to a breach include:
- Insider threats - If a resource can be accessed, then it also can be compromised. Sometimes it’s malicious, such as selling off data or sabotaging a database for personal reasons. But sometimes it’s a mistake. Users create weak passwords, stay logged in on shared computers, log in under an insecure connection and more.
- Unpatched vulnerabilities - Software providers and third parties work diligently to find vulnerabilities and patch them securely. But the second a vulnerability is found, there’s someone who is trying to exploit it. If you company takes a long time to apply patches, then you’re leaving a hole in your security for hackers to breach.
- Lack of access controls - The fewer users who has access to this, the better. The fewer permissions a user has, the less damage a hacker can do from the other side. Generally, each user should be able to do their job and no one else's. However, many companies don’t address this issue, leaving their security severely flawed.
- Third-party errors - Third parties are going to need access to your stuff. This includes banks, vendors and other third parties, who will often process financial transactions or give assistance. The problem with this is that hackers often use the portals given to third parties as a means to access your data.
- Inadequate network security - Network security can prove to be absolutely invaluable when it comes down to protecting your business, or it can be a host of vulnerabilities. If you put work into your network security architecture, such as hardening and segmentation, you’ll have less to worry about. Unfortunately, most companies don’t.
With the ubiquity of technology and the increasing frequency of data breaches and cyber attacks, it is more important than ever that businesses protect their data and that of their clients, and cover themselves with a Cyber Insurance program. It can be difficult to spot these issues before they occur, and once they have occurred, it's often too late to secure coverage.
About Axis Insurance
At Axis Insurance Services, we aim to help our customers identify their exposures and protect themselves. Founded in 1999, we offer insurance programs to a wide variety of professionals and industries including attorneys, real estate, healthcare, architects, and more, and also have a wholesale division. We pride ourselves on offering flexible insurance coverage tailored specifically to each customer’s needs. To learn more about our solutions, contact us at (201) 847-9175 to speak with one of our professionals.