Despite what you may think, by and large the last 12 months have not seen data breaches become more convoluted and complex. In fact many of the same methods used across the last 12 months are the same as the many years before.
Despite this, the numbers of data breaches has been increasing, with millions of customer records being stolen.
So if not much is changing, why are the number of breaches increasing and what can you do to make your company less vulnerable to cyber attack?
One of the most common methods of attacking companies today is from phishing, which in reality is a fairly old method.
Despite this 23% of phishing emails are opened and 11% click on attachments, according to the Verizon 2015 Data Breach Investigations Report.
If you can identify the emails that are likely to contain phishing methods, then they can be filtered and prevented from hitting employee inboxes. Spam filters already do this to an extent, but it is increasingly difficult to create a spam filter that allows the necessary emails to get through whilst blocking the potential harmful ones.
Therefore, creating a flagging system that can filter out the necessary emails through human logging can work even better.
Update Your Systems
One of the key reasons for systems allowing malware and malicious cyber attacks is because they are not upgraded to the extent that they should be.
In fact, from the Verizon report, it was found that 97% of the attacks that occurred due to system vulnerabilities were down to the 10 most common vulnerabilities. Simply knowing what these are and then making sure that your systems cannot be exploited using them, is going to be one of the surest ways of securing your data.
This isn’t necessarily a complicated exercise either. Most of the vulnerabilities had a fix that had been available for over a year and of the top 10, there were even some who’s fixes had been known since 1999.
Essentially, if you cannot implement a fix that has been known about for over 16 years, then you are asking for trouble.
Despite the belief that hackers can use complex systems in order to compromise systems, the truth is that the majority of hacks come about due to human error or misuse of systems. It could be that somebody has not been aware of what they are doing or that they have fallen for a scam.
In order to make sure that this does not happen, potential snags should be found and those that find them should be rewarded.
Data hacks can cost huge amounts of money, offering a monetary reward to people who can find these weaknesses or potential problems with processes that could create vulnerabilities, will mean that people will be actively looking for them. If you have hundreds or thousands of people looking for these weaknesses, they are more likely to be able to find it that one dedicated hacker.
Undoubtedly the most important aspect of protecting your system from breaches is by making sure that the people using it are educated in the best ways to protect it.
Having a programme in place where you can show your employees how to protect themselves and the company against malicious attacks is going to reap rewards. It may only be an hour per month detailing new techniques, but will have immeasurable positive effects across the company moving forwards.