In this article we will talk about Defining the Roles of Data loss and current stats of Cybersecurity, and in previous article we already discussed about Endpoint Protection.
Data is likely to be an organization’s most valuable asset. Organizational data can include research and development data, sales data, financial data, human resource and legal data, employee data, contractor data, and customer data.
Data loss or data exfiltration is when data is intentionally or unintentionally lost, stolen, or leaked to the outside world. The data loss can result in:
- Brand damage and loss of reputation
- Loss of competitive advantage
- Loss of customers
- Loss of revenue
- Litigation/legal action resulting in fines and civil penalties
- Significant cost and effort to notify affected parties and recover from the breach
Common data loss vectors are displayed in the table.
|Data Loss Vectors||Description|
|Email/Social Networking||Intercepted email or IM messages could be captured and reveal confidential information.|
|Unencrypted Devices||If the data is not stored using an encryption algorithm, then the thief can retrieve valuable confidential data.|
|Cloud Storage Devices||Sensitive data can be lost if access to the cloud is compromised due to weak security settings.|
|Removable Media||One risk is that an employee could perform an unauthorized transfer of data to a USB drive. Another risk is that a USB drive containing valuable corporate data could be lost.|
|Hard Copy||Confidential data should be shredded when no longer required.|
|Improper Access Control||Passwords or weak passwords which have been compromised can provide a threat actor with easy access to corporate data.|
Network security professionals must protect the organization’s data. Various Data Loss Prevention (DLP) controls must be implemented which combine strategic, operational and tactical measures.
current stats of Cybersecurity
Cyber criminals now have the expertise and tools necessary to take down critical infrastructure and systems. Their tools and techniques continue to evolve.
Cyber criminals are taking malware to unprecedented levels of sophistication and impact. They are becoming more adept at using stealth and evasion techniques to hide their activity. Lastly, cyber criminals are exploiting undefended gaps in security.
Network security breaches can disrupt e-commerce, cause the loss of business data, threaten people’s privacy, and compromise the integrity of information. These breaches can result in lost revenue for corporations, theft of intellectual property, lawsuits, and can even threaten public safety.
Maintaining a secure network ensures the safety of network users and protects commercial interests. Organizations need individuals who can recognize the speed and scale at which adversaries are amassing and refining their cyber weaponry. All users should be aware of security terms in the table.
|Assets||An asset is anything of value to the organization. It includes people, equipment, resources, and data.|
|Vulnerability||A vulnerability is a weakness in a system, or its design, that could be exploited by a threat.|
|Threat||A threat is a potential danger to a company’s assets, data, or network functionality.|
|Exploit||An exploit is a mechanism that takes advantage of a vulnerability.|
|Mitigation||Mitigation is the counter-measure that reduces the likelihood or severity of a potential threat or risk. Network security involves multiple mitigation techniques.|
|Risk||Risk is the likelihood of a threat to exploit the vulnerability of an asset, with the aim of negatively affecting an organization. Risk is measured using the probability of the occurrence of an event and its consequences.|
Assets must be identified and protected. Vulnerabilities must be addressed before they become a threat and are exploited. Mitigation techniques are required before, during, and after an attack.