GET TO KNOW YOUR SECURITY THREATS

by Stacey Richards on February 18, 2020

In today’s world of ever-evolving technology, organisations must pay more attention than ever to setting up bulletproof data security practices. The number of data breaches hitting the headlines shows that every organisation, regardless of the size or industry, is at risk. At PCI Pal, we provide solutions to make sure that no sensitive data enters your infrastructure so effectively, there is nothing to secure or protect. If you aren’t descoping your contact centre environment, make sure you are prepared for some of the threats outlined in this blog and in our supporting infographic ; you have been warned!

Malicious hackers represent one of the largest threats in the data security realm – according to Verizon’s Data Breach Investigations Report, hackers played part in over half of all data breaches that occurred in 2019. Most hackers are capable of writing their own attack programs and often even building their own platforms in order to target your organisation. Through phishing scams, spam emails, instant messages or fake websites, they can deliver dangerous malware to your employees’ computers and compromise the security of the whole network. If malware gets installed directly in your payment portal, the scammer gains access to countless amounts of payment card data in a matter of seconds. Computer hackers can also access your computer and private information directly if you are not protected by a strong firewall. From there, they can monitor all communication within a company and infiltrate the back-end of your organisation’s website. In 2019, hackers were most motivated by potential financial gain or by the potential of gaining a strategic advantage through espionage when penetrating security systems. With the average cost of a breach amounting to a whopping $3.9 million, not many organisations can take the risk of ignoring the latest data security practices (2019 DBIR).

While businesses expect to be targeted by spiteful hackers, they often fail to realise the threats that await inside the organisation itself. The Data Breach Investigations Report suggests that over a third of all incidents in the last twelve months were perpetrated by internal actors, your employees. This statistic includes disgruntled employees with an intention to do harm as well as those individuals who caused a breach accidentally due to their own negligence. With over 15% of breaches caused by errors and misuse of authorised users, companies should prioritise the consistent education of all employees as well as a consistent review of who has access to sensitive data within the organisation and take steps to not only build but maintain their human firewall.

Once secured against negligent employees and hackers on the other side of the screen, companies must not underestimate the external threat posed by third-party vendors such as contractors, partners, and even the office maintenance staff. While this type of threat is somewhat rare when statistically compared to hackers and insiders, it can cause just as much reputational and financial damage. Organisations can best protect themselves against external threats by strictly controlling physical access as well as the degree of access provided to partners and third parties.

Ultimately, the best way to protect your organisation and prevent sensitive data falling into the wrong hands is through descoping your contact centre environment. Rather than trying to keep hackers and threats out, businesses should focus on encrypting or removing the data they have, therefore ensuring there is no data to be stolen in the first place. At PCI Pal, we support businesses in minimising risk by ensuring valuable data is not managed, processed or stored within an organisation’s contact centre environment.