A visit to the dentist less painful than data breach admission

Lastline documents the pain data breaches cause security professionals.

  • Friday, 23rd June 2017 Posted 7 years ago in by Phil Alsop
Lastline has published the results of a survey conducted at Infosecurity Europe 2017. It found that 44 percent of security professionals would rather have root canal surgery than make the dreaded walk of shame to the boardroom to explain that they’ve suffered a data breach.
This statistic reinforces the severity with which all organisations – regardless of size or industry – treat the prospect of a data breach. Brian Laing, Senior VP of Products at Lastline said: “The fact that nearly half of cyber security professionals would prefer to undergo a painful dental procedure than face their board about a data breach just shows how seriously these attacks affect organisations today.
“On a more positive note, it does show that cyber security has risen up the board’s agenda,” he added.
This revelation follows a year of unprecedented levels of data loss by organisations at the hands of cybercriminals, including the biggest data breach ever recorded, whereby the user account information of 1 billion Yahoo! users was posted for sale on the dark web.  The number of data breaches has skyrocketed in recent years, rising from 297 reported breaches in 2015 with 292 million records exposed, to 537 in 2016, exposing a terrifying 2.3 billion records.
“It is right to dread a data breach.  It isn’t simply the breach itself that can be so damaging for both organisations and consumers, but the further criminality it facilitates,” said Laing. “Every breach reveals data that criminals can use to launch additional attacks, either by the initial attackers or other criminals to whom they sell the compromised data. They merge data from multiple sources, building dossiers on potential victims, including spear phishing targets inside corporations. Data breaches provide a distribution hub for malware for years to come.”
The reality is that even the latest firewalls, intrusion protection systems (IPS), and first-generation sandbox appliances are no match for sophisticated and evasive malware or related attacks, especially if the team, technology, and processes are not in place to identify and remediate the attack. However, ensuring that the latest patches have been installed, users are educated about phishing techniques and risks introduced by personal devices, and the latest advanced malware detection technology is in place will significantly help companies avoid having to make the painful walk to the boardroom.