Common causes of large breaches (Q1 2019)

Introduction: What’s to be done about data breaches?

With the new focus on digital privacy and data privacy regulations, data breaches are increasingly in the news. The EU’s General Data Privacy Regulation (GDPR) has increased the types of data that are considered sensitive and the penalties for a breach. GDPR and similar regulations, as well as the number of high-profile data breaches, have caused organizations to commit to a greater focus on privacy. Organizations are actively working to decrease their potential exposure to a data breach by beefing up their cybersecurity defenses.

When trying to design and implement a strategy for protecting against data breaches, it’s useful to understand what the most common causes of these breaches are. This article looks at the data from the first quarter of 2019 and classifies breaches into several common categories.

Common causes of data breaches

Data breaches involve the release of sensitive data to unauthorized parties. While most people’s first thought when hearing of a data breach is that external attackers have gained access to the organization, data breaches can be caused by a variety of different reasons.

The Identity Theft Resource Center (ITRC) defines seven different causes of data breaches:

  1. Accidental Web/Internet Exposure: Sensitive data is accidentally placed in a location accessible from the Web. The news stories about improper usage of Amazon S3 permissions (and other cloud storage) fall into this category
  2. Data on the Move: Securing data in transit is often a challenge for companies. Using HTTP and other insecure protocols is a common cause
  3. Employee Error/Negligence/Improper Disposal/Lost: This category covers all data breaches caused by employee negligence. Data security policies that are weak and/or unenforced can lead to unintentional data breaches
  4. Hacking/Intrusion: Data breaches involving an external party (i.e., a hacker) are what most people expect when (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: