One of the biggest challenges organizations face today in trying to secure their IT environments is a lack of data awareness. Despite all the recent high-profile hacker attacks against well-known enterprises, many companies simply don’t know where much of their critical business information exists at any given time.
Think about the files lying around that contain personally identifiable information, such as names and addresses, Social Security numbers and credit card numbers, then multiply that by all the customers, suppliers, employees, etc. the company has interacted with, over all time, and it’s clear that the average organization handling customer information faces a daunting challenge.
But before they can even think about protecting the data, organizations must first identify it and determine where it resides. They need a way to discover where all these sensitive files are located, what type of information is stored within those files, who is accessing the information and how frequently they are accessing it.
Threats are continuing to expand. As long as personal information has a tangible financial value associated with it, combined with the ease by which someone can acquire that information from a compromised company and then sell it, threats will keep evolving.
We’re not talking about attackers who are doing this from their parents’ basements. The typical profile of an attack against corporate systems is of loosely organized, or even formally organized, criminal enterprises or state-sponsored groups that are doing this as a business.
They are compromising hospitals, financial services firms and other companies and trying to get as much information as possible to sell on the underground market or dark web. Much of that information represents tangible financial gains, so these types of incidents will likely keep getting more organized and expanding considerably.
Organizations can better protect themselves and their data; the first thing they need to do is become data aware – understand where sensitive information is located so they can protect it. Lots of companies are throwing money into security products to protect their information assets, without even knowing for sure what it is they’re protecting and where these assets are.
Becoming more data aware and then deploying the appropriate security measures such as encryption and policy controls, provided by products such as HyTrust DataControl and CloudControl, can be a challenge, especially for smaller companies focusing on their basic business operations rather than on data protection. But given the risks of not effectively safeguarding sensitive information, all organizations need to become data aware on their way to becoming more data secure.
Is your data at risk? Get a free security assessment with HyTrust CloudAdvisor today – Just contact the team at Click 26 to arrange.
Zurich refuses to foot NotPetya ransomware clean-up bill – and claims it's 'an act of war'. Snack company client disagrees, sues for $100mUS snack food giant Mondelez is suing its insurance company for $100m after its claim for cleaning up a massive NotPetya...
I have a friend who manages a large financial investment company based in NJ and each year, sometimes twice a year, he brings in a team of pen testers to run a test and check the box for security regulations. When I told him that my company automated pen testing (PT)...
You’ve received an email. As no phishing filter can keep out 100% of all phishing attacks, there’s a chance the email could be malicious – no matter what it looks like. How do you check whether or not the email is a phishing attack? Step 1: Is the email expected? When...
Think like a hacker. It seems so obvious, but you might be surprised to hear that most cyber security professionals were taught to think about cyber security from a defensive standpoint. How to protect against a hacker’s attack versus asking the question, if I were a...
204 London Road
Company Registration: 07108413
VAT Number: GB183595274
© 2018 Click 26 Ltd.