For ordinary people, a data breach means losing information to attackers, whether the data belongs to a company or to its clients. The U.S. Department of Justice defines a data breach as “the loss of control, compromise, unauthorized disclosure and acquisition, access for an unauthorized purpose, or other unauthorized access, to data, whether physical or electronic.”

The theft of sensitive information continues to rise. According to a Statista report, 1,001 cases occurred in the United States in 2020, with cybercriminals targeting several organizations’ databases.

As of January 2020, one of the most significant reported data leaks was the security breach that occurred at the national ID database in India in early 2018. The attack caused the loss of personal and biometric information that reached more than 1.1 billion records. The biometric information included fingerprints and iris scans that India’s citizens use to receive financial aid, open bank accounts, and receive other government services.

The average cost of one data leak across all industries worldwide, as of 2020, reached close to $4 million. The costliest was in the healthcare sector, where a single reported leak cost about $7.13 million, followed by the energy and financial industries, where each breach cost about $6 million.

Most of the attacks were perpetrated by about six organizations in the first quarter of 2021, with the attack on Taiwanese laptop manufacturer, Acer, being the most costly, at $50 million.

These cyber-attacks are becoming almost routine. But it shouldn’t be the case. Everyone must change their security posture if they want to turn things around since data privacy regulations have minimal impact on attackers’ actions. Employing disruptive defences will make it extremely difficult for criminals to steal data almost at will.

1. Disruptive defence

Most cybercriminals can access databases because of vulnerabilities in an organization’s security system. It’s also because most of the features of various security platforms are similar. Preventing a data breach using disruptive defence means fielding unique defences based on current industry standards, raising the organization’s security to higher levels.

Here are the disruptive defences you can deploy.

a. Rule out shared-secret authentication systems

This means replacing passwords and one-time PINs with public-key cryptography authentication, using cryptographic hardware to protect keys. This type of authentication does not store secrets on the server. Instead, the secret remains with the user, kept in special hardware installed on electronic devices.

It creates a key pair – a private and public key. The pair is encrypted when used in communication. It eliminates the use of passwords and is already supported by browsers and major operating systems.

b. Ensure the authentication of a transaction before its completion

Many businesses require digital signatures. Since it is now necessary for several business environments, you should use similar technology for strong authentication to establish an authoritative source for the transaction (from the user) and a transaction confirmation (for the business).

c. Uphold data confidentiality with encryption

Recent regulations make it mandatory to encrypt all sensitive data. But application developers must ensure that only authorized applications can decrypt classified data. Your defence will be stronger by combining public key cryptography authentication with encryption.

d. Maintain a transaction’s integrity throughout its lifetime

You can do this with a digital signature, but this time, it should be used by the application itself. At the source of the transaction, you are assured of its authenticity by a digital signature. But during the processing, different applications modify the transaction.

Each application must apply a new digital signature to safeguard the integrity of the changed transaction. When you can verify the transaction’s digital signature from the start until its current state, it’s your assurance that no one made unauthorized changes.
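
One way to carry out this check, as an added Go example (not code from the original article): each party signs its version of the transaction together with the signature on the previous version, and the verifier walks the history from the source. Ed25519, the Link type, the party names and the payloads are assumptions constructed for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Link is one version of the transaction, signed by whoever produced it.
type Link struct {
	Signer       string
	Payload, Sig []byte
}

// signedBytes ties each version to the signature on the version before it.
func signedBytes(prior []Link, payload []byte) []byte {
	var prev []byte
	if n := len(prior); n > 0 {
		prev = prior[n-1].Sig
	}
	return append(append([]byte{byte(len(prev))}, prev...), payload...)
}

// Append signs payload as the next version of the transaction.
func Append(chain []Link, signer string, priv ed25519.PrivateKey, payload []byte) []Link {
	return append(chain, Link{signer, payload, ed25519.Sign(priv, signedBytes(chain, payload))})
}

// VerifyChain returns -1 if the whole history verifies, else the first bad index.
func VerifyChain(chain []Link, keys map[string]ed25519.PublicKey) int {
	for i, l := range chain {
		if pub, ok := keys[l.Signer]; !ok || !ed25519.Verify(pub, signedBytes(chain[:i], l.Payload), l.Sig) {
			return i
		}
	}
	return -1
}

// Demo uses constructed parties and payloads; the forged history swaps the fee.
func Demo() (clean, forgedAt int) {
	uPub, uPriv, _ := ed25519.GenerateKey(rand.Reader)
	bPub, bPriv, _ := ed25519.GenerateKey(rand.Reader)
	keys := map[string]ed25519.PublicKey{"user": uPub, "billing-app": bPub}
	chain := Append(nil, "user", uPriv, []byte("pay=100.00"))
	chain = Append(chain, "billing-app", bPriv, []byte("pay=100.00;fee=1.50"))
	forged := []Link{chain[0], {"billing-app", []byte("pay=100.00;fee=0.00"), chain[1].Sig}}
	return VerifyChain(chain, keys), VerifyChain(forged, keys)
}

func main() { fmt.Println(Demo()) }
```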

e. Use cryptographic hardware where you store and use cryptographic keys

Cryptography is your last line of defence when you want to protect sensitive information. Whenever possible, use cryptographic hardware to erect barriers against attacks. Granted, cryptographic hardware can also be attacked, but such attacks are not common or scalable, because the attacker must access the physical computer that stores the cryptographic keys to compromise them.

Some cloud applications are vulnerable to cyber-attacks. Therefore, ensure that you have an application architecture that creates a secure zone when cloud applications need to access cryptographic services when using a public virtual machine.

2. Why do breaches happen?

You cannot blame all of the data breaches and data losses on cybercriminals. Part of the problem is the negligence of employees. There are so many tactics that cybercriminals employ to exploit vulnerabilities. Some of the most common methods they use are:

  • Phishing emails and websites – Attackers make URLs look legitimate, so people can unknowingly download spyware and viruses by opening infected emails from unknown sources. It is one way to download ransomware that compromises and makes sensitive data inaccessible until the company pays a ransom.
  • Weak password practices and management – Some people use passwords that are easy to remember, which they sometimes use for multiple accounts. These passwords are typically very easy to hack. Using a specialized password generator to provide all computer users with a strong password will minimize data leaks.
  • SQL injection – This is one of the most popular methods for performing data breaches as most organizations use SQL or similar databases. Cybercriminals can exploit weak access and authentication controls in accessing the database by injecting malicious code into data entry or web URLs.
  • Using unprotected personal devices – Many employees can use their devices to access login credentials and corporate information. But some employees can be careless and lose these devices.

3. Recognizing signs of data breaches

When your entire company is aware of and understands your data security protocol, it is easier to recognize the signs of data breaches. Here are some of the signs that tell you whether there was a breach.

  • When there is unusual traffic volume, it could be a sign that an attacker is using your network to transfer data.
  • Monitor your system files because changes in them could mean a hacker is starting to modify them to weaken your security system. Likewise, regularly check your critical files and immediately investigate if there is a large number of changes.
  • A high volume of database transactions, user logins from various locations, and changes in batch permissions can be a sign that there is a data breach.
  • Failure to shut down system processes and prolonged slow internet connection are signs of malware infection, and you should inform your IT team immediately.
  • You have been infiltrated if you notice sudden password changes. Other signs include modifications to group memberships and account lockouts that occur unexpectedly.
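
Two of these signs expressed as detection logic, as an added Go example that is not part of the original article: logins for one user from different locations within a short window, followed by password, group-membership or lockout events on that account. The log format, event names and sample lines are constructed for the illustration and are assumed to be in time order.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Constructed sample events, time-ordered: "<RFC3339 time> <event> <user> <source>".
const sampleLog = `2021-03-01T09:00:00Z login alice GB
2021-03-01T09:05:00Z login bob US
2021-03-01T09:20:00Z login alice BR
2021-03-01T09:22:00Z password_change alice BR
2021-03-01T09:23:00Z group_add alice BR
2021-03-01T15:00:00Z login bob US`

// Suspicious flags a user whose consecutive logins come from different sources
// within window, and any later password, group or lockout event for that user.
func Suspicious(log string, window time.Duration) ([]string, error) {
	lastAt, lastSrc := map[string]time.Time{}, map[string]string{}
	flagged := map[string]bool{}
	var alerts []string
	for _, line := range strings.Split(log, "\n") {
		f := strings.Fields(line)
		if len(f) != 4 {
			return nil, fmt.Errorf("malformed line %q", line)
		}
		at, err := time.Parse(time.RFC3339, f[0])
		if err != nil {
			return nil, err
		}
		kind, user, src := f[1], f[2], f[3]
		switch kind {
		case "login":
			if prev, ok := lastSrc[user]; ok && prev != src && at.Sub(lastAt[user]) <= window {
				flagged[user] = true
				alerts = append(alerts, fmt.Sprintf("%s: logins from %s and %s within %s", user, prev, src, window))
			}
			lastAt[user], lastSrc[user] = at, src
		case "password_change", "group_add", "lockout":
			if flagged[user] {
				alerts = append(alerts, user+": "+kind+" after multi-location login")
			}
		}
	}
	return alerts, nil
}

func main() { fmt.Println(Suspicious(sampleLog, time.Hour)) }
```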

Summary

Given the cyber-attacks seen to date, one of the most effective means to deflect them is to use disruptive defences. They have been around for several years, but their implementation as an integrated platform is not typical.

With it, you emphasize protecting the data through different protective layers, not only your existing data security systems and protocols.