With the surge in data breaches, how do companies leak data?
According to data released by RiskBasedSecurity, data breaches reached a peak in 2019, with more than 3,800 data breaches attacking enterprises or institutions in the first half of the year, an increase of 50% or more in the past four years.
The report noted that between 2015 and 2018, the number of data breaches changed by less than 200. But in the first six months of 2019, the number of data breaches increased by 54% compared to the same period a year earlier.
In contrast, according to the report, the number of records exposed in the first half of 2019 was down 30% compared to the same period in 2017, although this figure may change in the second half of the year. PaigeA was specifically described in recent presentations. Thompson published a range of data that the hackers, dubbed the CapitalOne data breach, allegedly had terabytes of stolen data from more than 30 other companies, educational institutions and other entities. frequency jammer
While the cybersecurity community has raised concerns about insider threats, 89 percent of breaches are caused by external attacks. But the report noted that a growing number of breaches stemmed from insiders failing to properly handle sensitive data or security information, with 149 misconfigured databases and services leading to the breach of more than 3.2 billion records.
RiskBasedSecurity also pointed out that data breaches can also occur when sensitive data is handed over to third parties, such as when hackers breached AMCA's network and stole records of more than 22 million debtors, including names, addresses, dates of birth, social numbers and financial details. The statement noted that the breaches had serious consequences for AMCA, as the company was forced to file for bankruptcy protection just two weeks after news of the breach made headlines.
According to data released by RiskBasedSecurity, healthcare services are the most affected industries, with retail, finance and insurance, public administration and IT occupying the top five.
So, how to protect user data from being leaked?
1. Update the operating system in time to block security loopholes in the operating system
The method of regularly upgrading and updating the operating system can effectively block the security loopholes of the operating system, so as to meet the security performance indicators of the operating system and improve the defense capability of the operating system. Therefore, we should update the operating system in a timely manner during the use of the network to prevent problems before they occur.
2. Install anti-virus software in the network terminal system to improve defense capabilities
In order to ensure that the network terminal can meet the security performance requirements, we should install anti-virus software in the network terminal system, and regularly disinfect the network terminal system to ensure that the network terminal system can resist virus attacks and improve the security of the network terminal system.
3. Use information encryption technology to improve the security of the database
Combined with the application characteristics of the database, encryption technology is adopted for the information in the database to prevent the data in the database from being stolen and improve the security of the data.
4. Deploy SSL certificate and use HTTPS encrypted transmission protocol
HTTPS is a relatively secure encrypted transmission protocol and an upgraded version of HTTP. HTTPS=HTTP+SSL, where SSL and its successor TLS are a security protocol that provides security and data integrity for network communications. TLS and SSL encrypt network connections at the transport layer to prevent data transmission from being stolen, snooped or tampered with.
In the context of an interconnected global digital economy, data is the most important strategic asset of an enterprise. Only by raising the awareness of the value of data, attaching great importance to the methods of data storage, use and management and placing it at the center of the enterprise strategy, and establishing an effective data protection strategy, can the enterprise security be ensured.
