Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, languages, and content which may neither appropriate nor appealing to certain readers. READER DISCRETION is advised.

Thursday, April 02, 2020

Newsletter: A single data breach costs over $1M on-average for businesses in SEA

03/30/2020 01:45:43 PM

Author's note: Some instances will tell you that it takes one small act to define a big cause – and break it, too. Kaspersky has reported that a single data breach would cost a company over a million dollars on average.

This was mainly because of the lack of adequate matters in keeping cyberattacks away from them, such as internal talent, technical knowledge, and the appropriate IT security product/s. Read that and more in this press release below:

*****





Last year saw headline-grabbing information leakage incidents involving companies and organizations in Southeast Asia (SEA). The rising cases of data breaches were proven costly by the latest research from Kaspersky. IT business decision-makers from the region admitted to losing $1.10 million (Php 55M) on-average because of this virtual menace, just a tad short of the global financial impact of $1.41 million (Php70.50M) for enterprise companies. 

Conducted last year, the annual study from the global cybersecurity company showed that aside from the monetary aftermath, victims also confirmed losing approximately $186 million (Php 9.3B) on business opportunities after an unfortunate attack involving their precious data.

The majority of the businesses in SEA who experienced a data breach (53%) also paid compensation to clients or customers, encountered problems with attracting new customers (51%), were subjected to penalties or fines (41%), and lost some business partners (30%).

In terms of the data involved, most incidents saw leakages of customer-related details such as personally identifiable information (53%), authentication credentials (33%), payment or credit card specifics (32%), account numbers (27%), and other personal particulars (26%). Personal employee information (30%) were also divulged accidentally as well as sensitive corporate data (23%) and corporate intellectual property (16%).

“It is important to know the damages a single data breach can incur to a company, not to shame the entities involved but to serve as a lesson for those who assume their networks are safe. These victims from our region were brave enough to admit the issues they were facing which resulted in such an incident. Most of them lack knowledge and technical team plus the low level of security awareness among their workforce. They also confess that appropriate IT security solutions remain a missing piece for their enterprise networks,” explains Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

Instead of crumbling, companies in SEA bounced back with positive changes after suffering a virtual drawback. The majority of the respondents (56%) put in place additional security policies and requirements, switched security vendor/s or service provider/s (53%), and improved authentication procedures for customers (49%).

Threat intelligence capabilities (62%) were also among the areas of technology enterprises invested into after a data breach, followed by incident response program (61%), network detection technologies (61%), and endpoint detection tools (44%).

“The best way to recover after a breach is to reassess your IT security environment and to identify the exploited loopholes. Know the tools and technologies you have, and then improve upon them. If your business is still on its baby steps, endpoint solutions should be your first layer of technical defense. Think that any malware needs an open door to enter your network. Cybercriminals are intelligent enough to research on your weak points, so be sure that your systems’ doors are intelligently guarded,” Yeo adds.

A data breach can have a devastating effect on an organization's reputation and financial bottom line. Kaspersky shares best practices to fend off one:
Employ training and activities which will educate employees about cybersecurity basics, for example, to not open or store files from unknown emails or websites as they could be harmful to the whole company.

Regularly remind staff how to deal with sensitive data, for example, to store only in trusted cloud services with authentication switched on, do not share it with untrusted third parties.

Enforce the use of legitimate software, downloaded from official sources.

Make backups of essential data and regularly update IT equipment and applications to avoid unpatched vulnerabilities that can become a reason for a breach.

Use a dedicated endpoint product that demands minimum management allowing employees to do their main job but protects from malware, ransomware, account takeover, online fraud and scams such as Kaspersky Endpoint Security for Business. It also protects enterprises from malware and roll-backs malicious activities; helps to keep file servers protected and enforce password policy; protects payment details during online payments; and allows encryption to keep sensitive data protected on devices.

*****

Author: slickmaster | © 2020 The SlickMaster's Files

No comments:

Post a Comment

Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!