IT security in 2021: plan for a safer year by locking down data first
By Chris Pallikarides, General Manager of ITBusiness, a company in the KID Group
Newly dispersed workforces, rapid transitions to cloud and hurried digital transformation could leave a great deal of sensitive data at risk. This is the time to focus on data first and improve information security in 2021.
Data is the lifeblood of a business and extremely valuable, which is why it is the target for cybercriminals. In fact, according to IBM’s new Cost of a Data Breach report for 2020, customers’ Personally Identifiable Information (PII) is the most frequently compromised type of record, and – at around $150 per record – it is also the most valuable. This should be a major concern to South African organisations counting down to the full implementation of the Protection of Personal Information Act (POPIA), which is only months away.
The IBM report notes that last year, the average total cost of a data breach was over $2.14 million in South Africa – costs businesses cannot afford during these tough and trying economic times. Interestingly, only 52% of breaches were caused by malicious attacks: system glitches and human error accounted for the rest of the global breaches last year. This underlines the importance of better-practice data management, in addition to the basic information security measures.
Many local organisations are now confronting the fact that key data is vulnerable and measures must be put in place to mitigate this risk. This is not through negligence but rather due to the pressure placed on IT teams when the global Covid-19 pandemic reached our shores and disrupted business as we know it early last year.
Digital transformation, being the integration of digital technology into all areas of a business, was forced upon companies at a rate so alarming that no proactive or well-thought-out plan could have fully addressed and prepared us for this transformation.
Most companies were not geared for the sheer volume, velocity and variety that were going to be needed in order to keep operations going and businesses running. This can be seen as a positive in a way, since we have now discovered that it is in fact possible to adapt and change the way we work and operate in order to keep the business successful and operational.
The new Microsoft Digital Defense Report stated that ‘We have seen two years’ worth of digital transformation in two months.’ In a recent survey conducted by Microsoft, 73% of CISOs indicated that their organisations encountered leaks of sensitive data and data spillage in the last 12 months and they planned to spend more on insider risk technology owing to the COVID-19 pandemic. The report said Microsoft’s own successful transition to remote work was due to its investment in a Zero Trust architecture, including Multi-Factor Authentication, ubiquitous device management and conditional access enforcement.
One of the major enablers that allowed for the intense scale-up was the cloud. Having the ability to scale to large volumes quickly and relatively seamlessly meant that companies could leverage cloud infrastructure to compensate where they were lacking. The downside of the rapid movement to cloud was that security was severely overlooked. IBM’s report cites misconfigured cloud servers, alongside stolen or compromised credentials, as the most frequent initial threat vector in breaches caused by malicious attacks, at 19%.
Another consideration is that cloud infrastructure and services are not managed by the enterprises themselves, so ensuring that the various data laws are complied with can be tricky and problematic, resulting in various threats. Managing access to the data through strict processes and policies, as well as encrypting the data end to end, will mitigate the risk from these severe threats.
Many countries have passed various data protection laws that enterprises need to comply with; large enterprises will often need to comply with multiple laws because they operate across various geographies. With data laws that vary in application, companies will need to review their security policies to ensure that they are adequately covered in the event of a breach. Some data laws carry severe penalties that, compounded with the cost of the breach as well as the potential loss of market share, could cripple even the most profitable business.
In the sudden migration to cloud, security, seen as a possible inhibitor to operational efficiency, was overlooked. It is paramount that security is maintained at all levels of the development cycle. DevSecOps is growing in popularity, and this development framework ensures that security is considered at all levels of the development lifecycle of the application or system. Cybercriminals rely on the fact that enterprises move at speed and forget the basics of security, allowing them to pounce at the very first opportunity they get.
Artificial Intelligence and Machine Learning are becoming more popular within organisations as tools to detect anomalous behaviour in an environment. However, if the basics are not covered, such as a company knowing where its critical data assets are situated, then the tools are almost redundant for detecting behaviour that could compromise an environment. If a company does not know where its data sits, how can it protect it?
With POPIA compliance crucial this year, 2021 is the time to address data security gaps by auditing data assets and identifying any potential risks. Organisations have to implement data management best practices and move to encrypt data at rest and in flight across the cloud and dispersed workforce environments.
Risk assessments should cover all the key vulnerabilities, including system glitches and human error, with penetration testing to find gaps and reduce risk across people, processes and technology. Testing the effectiveness of incident response plans is also important in order to cover as many bases as possible.
In closing, the challenge lies in persuading businesses and companies, which must adopt appropriate measures to defend themselves and the data they hold from various threats and attacks. This can only be done with proper measures in place and adequate information and knowledge at hand.