Cybersecurity: The Threat Against Data

It’s one of the most flourishing industries on the planet, with staggering growth that would make almost any field of business—and even most countries—envious. By next year, experts predict it will generate enough revenue to be the third-largest economy in the world after the United States and China. It’s also one of the most dangerous and nefarious enterprises imaginable: cybercrime.

The 2019 Official Annual Cybercrime Report estimates that by 2021, cybercrime will generate $6 trillion, with no signs of slowing down, and companies are rightfully nervous. While cybercrime is, of course, a general term that encompasses a multitude of digital offenses, a significant portion of that is the result of data theft. There’s no faster or more painful way for a company to discover the value of its data than when it gets into the wrong hands. Just ask Facebook, Target, Capital One, Equifax, or any of the thousands of companies who have faced a breach.

“It’s becoming more and more coordinated and growing every day,” says JT Kostman, Chief Executive Officer at ProtectedBy.AI. “The odds of you being hacked if you’re an organization of any size, it’s almost impossible that you won’t.” How can companies minimize their risk?

First StepsTo adequately protect your assets, you must first understand what you have and its worth. “You don’t put a $1,000 fence on a $100 horse,” says Praveen Minumula, Chief Technology Officer at Katalyst Technologies. “What are your crown jewels?” Concentrate on protecting your most valuable and critical assets. Balance the costs and risks of any potential compromise.

Minumula also points out that perhaps the greatest threat to data security is human error and unreliable outsider services. Companies must continually educate employees on best practices and set security expectations for collaborators. “When you are outsourcing your application development, or you’re bringing in third party vendors, you [need to] ensure they also meet the minimal security standards that you want to define,” he says. This was the factor that led to the 2013 Target breach that impacted 41 million customers.

Defense vs. OffenseIf attacks are presumably inevitable, companies must remain constantly diligent and prepare for the worst-case scenario. That means developing a contingency plan for when, not if, they face a breach.

“There’s nothing you can stop to prevent [an attack],” says Minumula. “But can you identify what caused it?” Fundamental factors that can be easily modified, such as running an obsolete system or using the same password across multiple platforms, can majorly amplify vulnerabilities. Nonetheless, what you really must prepare is how you will respond to a breach. This includes backing up data, ensuring maximized endpoint protection, and multi-factor authentication.

“If you have a perfect defense and only one offensive technique, you’re winning every fight,” says Kostman.

Criminals and ComplianceNaturally, companies want to protect both their data and their customers. However, now there are even greater incentives to take precautions. In Europe, the General Data Protection Regulation (GDPR) states that significant data breaches can result in a fine of €20 million or 4% of annual worldwide profits—whichever is greater. The recently enacted California Consumer Privacy Act gives residents of that state unprecedented control over how companies can utilize an individual’s data. Meanwhile, Oregon Senator Ron Wyden has proposed legislation that could lead to jail time for executives of companies that “misuse” consumer data.

“Companies are coming to us now and saying, ‘Ok, how do we keep the crooks at bay and keep our executives out of court?’” says Kostman. “How can you simultaneously pursue security and opportunity? That’s going to be the future.”

Katalyst Can HelpYour organization’s data is one of its most valuable assets. What strategies will you utilize to keep it as secure as possible? Contact the experts at Katalyst to determine how to prepare and protect against cybercrime, and stay tuned for more tips and insight within this increasingly significant area of data management.