Today, organizations face cyber security incidents across every sector, and data breaches are among the most prevalent. A data breach can be defined as “the intentional or unintentional release of secure information to an untrusted environment” (National Forum on Education Statistics). [1]
A data breach can come from a variety of sources, including:
- Internal threats—Actors within an organization.
- External threats—Actors from outside an organization.
- Intentional breaches—Breaches that are motivated by malicious purposes.
- Accidental breaches—Breaches that occur because of human error (National Forum on Education Statistics).
A recent accidental data breach that exposed over 5 billion records offers a chance to learn. Cognyte, a cybersecurity analytics firm, recently had its database of more than 5 billion records exposed. This database, used to alert customers to third-party data exposures, was listed on the surface web without any authentication required to access it. [2]
Red Sky Alliance, much like Cognyte, stores data as part of our cyber intelligence services. However, Wapack Labs ensures our database is both private and secured with proper authentication, authorization, and non-repudiation methods. Our database is used to cross-check and alert our clients to third-party data exposures. The information we scrape comes from the dark web and is then translated, organized, and used to alert our clients to potential compromise.
Your organization can face serious consequences if you leave your information susceptible to a data breach. Examples include unauthorized access to a company’s payroll system, leading to financial or identity theft, or even something as simple as a compromised notification/automated call system. While it may seem unimportant, a compromised notification/automated call system can cause panic by sending fake emergency messages and can even lead to the theft of personal contact information.
Automatic protections can be used to minimize the loss of critical data in the event of a data breach, but these automated protections, such as backups, must also be protected against cyber security threats. This should be outlined in your company's cybersecurity plan. “Cybersecurity planning encompasses plans, policies, procedures, and activities to proactively prepare for, appropriately respond to, and responsibly recover from a cybersecurity incident. The plan includes all agency’s actions to protect systems and data before, during, and after a cybersecurity incident” (National Forum on Education Statistics).
This includes:
- Developing the individual and organizational capability to manage risk;
- Implementing appropriate safeguards to protect systems, hardware, devices, and software;
- Implementing tools and activities to identify the occurrence of an incident; and
- Developing and maintaining plans for the restoration of any system, hardware, device, and/or software (National Forum on Education Statistics).
A timely and effective response plan is vital because cyber security incidents, like a data breach, require an urgent response. A cybersecurity response plan usually includes:
- Specific actions that will be followed when an incident occurs,
- Roles and responsibilities to document the types of issues that may arise and identify which staff are responsible for specific tasks, and
- Criteria for deciding when to shut down a system, service, and data exchange (National Forum on Education Statistics).
An example of a well-drawn-out cybersecurity plan, by Carnegie Mellon University, can be viewed here.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] National Forum on Education Statistics (ED), & Quality Information Partners, I. (QIP). (2020). Forum Guide to Cybersecurity: Safeguarding Your Data. NFES 2020-137. In National Forum on Education Statistics. National Forum on Education Statistics.
[2] CISOMAG (QIP). (2021). Another Case of Unprotected Database: 5 Bn Records from Previous Data Breaches Leaked. CISOMAG.