What is a data breach?
A data breach is any incident that exposes data to an unauthorized environment. The affected data may or may not still be accessible to the victim organization after the breach. This definition holds whether the data breach was caused by intentional or unintentional actions.
The breached data can include anything from relatively inconsequential personal files up to details of highly confidential health records and financial information.
Causes of data breaches
The words “data breach” often bring to mind hackers with malevolent intent. That’s definitely a serious threat, but it’s not the only one.
Other types of data breaches, such as human error and system glitches, are inadvertent and, therefore, have benign or no intent. Nevertheless, a non-malicious data breach can sometimes be almost as costly as a malevolent one. Most studies show that more data breaches result from human error than criminal attacks.
Data breaches are not always caused by external actors: hackers, political activists, organized crime, and so forth. Internal staff or contractors may also seek access to sensitive data or intellectual property for their own personal gain.
According to a 2020 Precisely survey, the most common type of breaches were virus/malware attacks (76%) and phishing (72%). Interestingly, virus attacks came from internal sources roughly half the time while phishing usually came from external sources (78%).
What happens when there is a data breach?
In recent years, high profile data breaches have affected multinational corporations, global financial institutions, and even nation-states. Whether it is identity theft for personal gain or the theft of valuable military intellectual property, a data breach is a significant source of concern for cybersecurity practitioners around the world.
The reported costs of a data breach can vary, from about $150 to $300 per compromised record. There are typically higher costs associated with data compromised via a criminal attack because it is exactly that, a criminal attack. A user error, or particularly a system failure, may have not involved any malicious intent at any stage of the data breach and its repair, but a criminal attack is almost always undertaken to extract value from or do damage with the purloined data.
Yet while direct financial impacts are normally the largest component of the costs of data breaches, they alone do not tell the whole story. A company’s reputation is also at stake, and the cost of recovering from a data breach may also be high.
Legal liability is the most highly publicized direct financial cost. Some notable settlements in data breach cases have ranged up to more than $100 million. In addition to the cost of settling lawsuits or of judgments from trials, regulators may impose penalties after a breach.
Breach recovery is also costly as companies must notify affected customers, potentially assign new accounts, assist with the consequences of possible identify theft, and more. Subsequent damage to a company’s brand and lost of customer trust are more difficult to quantify, but potentially just as costly.
How to prevent a data breach
Precisely's recent data security survey found that data breaches are all too common, and most organizations don’t meet breach response metrics. Forty-one percent of organizations surveyed reported to have experienced a data breach.
While there are multiple ways to prevent a data breach, an organization’s data security strategy should start with key concepts for protecting the privacy of IBM i data and IBM i Security: Identifying the Events that Matter Most.
Complying with existing cybersecurity regulations, enacting a cyber risk management strategy at the organizational level, and employing a team of risk managers to control access to systems and data, and monitor and evaluate risks as they arise is an excellent place to start.
Enhance your organization’s IBM i security with Assure Security from Precisely to protect your data from breach.