A data breach is an incident where sensitive, protected, or confidential data is stolen, viewed, or used by an unauthorized party. Data breaches have been in the news frequently in the last year, and many wonder what the reason is for their dramatic rise. This is probably best explained by the value the stolen data has to attackers wishing to mount targeted attacks on large numbers of people. It is believed that much of the data stolen in breaches is sold and resold, thereby broadly enabling more sophisticated attacks — some of which may be years in the making.
Challenges with preventing data breaches
Organizations looking to reduce the risk of data breaches face several challenges.
- Expanding attack surface– With the adoption of new software and cloud computing infrastructures, the traditional network perimeter is no longer the central focus for attackers. There are simply more areas to protect and establish a beachhead for a breach, giving the attacker an unfair advantage.
- Increasingly sophisticated threats–Today’s email- based threats are targeted, sophisticated, and evasive. Traditional detection based approaches that look for malicious content can be bypassed by motivated attackers.
- The effectiveness of social engineering and identity deception– Social engineering campaigns, predominantly using email, are amazingly potent from an attacker’s perspective when it comes to tricking victims into revealing useful information or clicking on malicious URLs.