2019 looks set to be another record year of major data breaches. All forms of data, from personal to sensitive company information to Intellectual Property, is at risk. The World Economic Forum’s “The Global Risks Report 2019” has placed cyber-attacks and data theft as a “higher than average likelihood” event in 2019. And already, as we enter the second half of the year this is being borne out with data breaches, involving massive levels of exposure, being published to our news feed.
Exposure of data of all types have entered the realm of the norm, but they are also preventable. For example, some database breaches, including a few presented in this paper, can be traced back to poorly secured instances; human error being the reason for exposed data from passwordless use of Elasticsearch or poorly configured Amazon S3 buckets. Others involve insiders maliciously stealing information.
Other cybersecurity threats to our data are more complicated to fix. Targeted attacks by hacking gangs or insider threats driven via external collusion, need to be tackled using more sophisticated methods, again DLP can help in mitigating those risks.
This paper will look at some of the biggest data leaks and breaches in the first half of 2019.
We will also address some of the techniques needed to hold back the tide of data flowing out of our enterprises without our permission.