A new day, a new data breach.
It is not a question of if you get hacked, but when. Every day it seems there’s a new data breach. Government entities such as the IRS and the Office of Personnel Management have all suffered breaches. Even companies like Google, Yahoo, Marriot, T-Mobile and Amazon have all been affected. Hackers are constantly seeking new targets. As a result, the number of victims are increasing every day. That’s why it’s no surprise that every day we wake up to yet another data breach. But companies and organizations are not the only ones at risk. Hackers are trying to gain access to your information as well. A hacker may even use stolen data to gain access to a more secure location. But there is hope. There are measures you can take to reduce your risk. Through proactive security, you can help prevent the inevitable data breach.
A data breach is the release of private, secure or confidential information to an untrusted environment. Data breaches can be intentional due to a successful hacking attempt. But human error can also be a cause. Unintentional breaches are often referred to as data leaks. The inevitable data breach occurs when an unauthorized person accesses a secure website or database. Data breaches result in data loss. This data can include financial, personal and healthcare information. They can also affect companies and organizations, resulting in the loss of trade secrets.
Causes for Data Breach
The common perception is that most data breaches occur at the hands of outside hacking attempts. But this is not always true. There are several causes of the inevitable data breach:
- Lost or Stolen Device: Lost or stolen devices pose serious risks to security by way of unauthorized access to the device by someone other than the device owner. Even more so if PIN numbers or passwords are not used.
- Stolen Credentials: Stolen or weak credentials is the leading cause for the inevitable data breach. If a threat actor gains access to your username and password combination, they now have unlimited access to your system or account.
- Accidental Insider threats: An accidental threat is a situation where an insider causes damage or data loss, but does so without malicious intent. Accidental threats occur through natural disasters, human error, or computer malfunction.
- Malicious Insider Threat: A malicious insider is an unauthorized employee who deliberately accesses data or systems in an attempt to cause damage or gain access to sensitive data.
- Malicious Hacker: A hacker is someone who gains unauthorized access to a system or information through various attack vectors. This can be a hacker exploiting a vulnerability, or a social engineer launching a phishing campaign.
While data breaches may be inevitable, there are steps you can take to protect yourself. Probably the single most important step is keeping your system up to date. Make sure your operating system has the latest patches. Update all applications that face the internet. If your software is no longer supported, upgrade to the newest release. The same goes for devices. If it is incompatible with the latest update, it is time for a new device. If your system is not up to date, hackers can exploit any vulnerabilities that exist.
Always question everything and be mindful of phishing attempts. If you get an email requesting sensitive information, do not click on any links until you have verified that the email is legitimate. Avoid plugging in unfamiliar USB devices. Always use strong passwords unique for each account. Do not recycle passwords. However, use a password manager instead. Use unique PIN codes or pattern locks on phones and tablets. Always install and run antivirus or anti-malware. Use two-factor authentication (2FA) on your accounts. When available, use bio-metrics and Touch-ID to secure your devices. Uninstall applications and software that you no longer use. This can help reduce the likelihood that your software has a hidden security flaw.
Always create a guest WiFi account on your wireless network. Never connect to public or free WiFi. Do not use WiFi networks without encryption. If you believe your computer is infected with some form of virus or malware, stop all activity. You then want to either run a system wide scan using anti-virus software or consult a reputable computer repair technician to perform the scan and removal. When taking your computer in for service, create a guest account with a temporary password. This limits access to secure files and sensitive data.
Are you cyber secure?
Hackers are getting smarter every day, and social engineering is still the most popular cyber attack. But despite the many threats that exist, you can better protect yourself through proactive cyber security practices. The less people can find about you online, the more secure you are. Always question everything and verify all emails and messages you receive. And remember, it is not a matter of if you get hacked, but when. There is no way to avoid the inevitable data breach. But there are ways to protect yourself and limit your risk. Following these steps can help you stay cyber secure.