UC Advanced - issue #4

DATA SECURITY

intrusion, despite all the technology. “Security spending nowadays is split 75% on protecting the perimeter and only 25% on the inside, which businesses should rebalance because they’re putting all of this money on a porous perimeter. “At the end of the day, there’s a limit to how much businesses can spend before they’re just wasting money.” Coded Messages Encryption is often dialled up as the only way to deal with cyber security threats, and that certainly seems to be the case, as encryption is at the heart of a lot of recommendations. As you’ll see from Shaunak Amin, Co- founder and CEO at SwagMagic, and Ani Chaudhuri, CEO at Dasera, encryption is at the heart of the security recommendations. “Businesses need to ensure they are selecting tools that are tough on hackers,” Amin. “Look for those with features such as bank-level encryption, secure links, targeted roles and permissions, strong password enforcement, and two-factor authorization. These encryption measures let customers safely upload and access sensitive information from different platforms. “If directors need help deciding which to choose, they should check out which vendors list banks and financial services in their client rosters. As these organisations require a high level of data security, their vendor choice may also be the right choice for the business.” “To protect themselves, businesses must adopt a proactive and multi-layered approach to data security to defend themselves from cyber threats,” said Chaudhuri. “It starts with implementing comprehensive data security and governance controls encompassing the entire data lifecycle. “Advanced encryption methods play a critical role in safeguarding sensitive data. Encryption ensures that even if data is compromised, it remains unreadable and useless to unauthorised individuals. By employing robust encryption techniques, businesses can add protection to their valuable data assets.” Despite its clear popularity, John Benkert, CEO of Cigent says that encryption isn’t the be-all and end-all for protecting data, adding: “Storage solutions have not been the weak link when it comes to data security. Strong encryption can be implemented at the storage layer to help defend against physical theft.”

“Although cracking the encryption is possible with enough time and resources, it simply is not cost-effective and is usually reserved for nation-states. “The weak link is the access controls to the storage. Why break through a vault when they can simply get the combo? When we look at ransomware and data extortion root causes, the majority of incidents have occurred as the result of phishing or other tactics where credentials or systems with access to data are compromised. “Storage alone cannot address the threat posed by hackers. We have to look at the whole technology stack and identify the weak links.” When they do get in Of course, when we talk about security, the conversation often turns to the consequences of a hack. When it comes to data, the cost of a breach is not just monetary, as Christine Sabino, Legal Director at Hayes Connor explains. “The number one consequence of this is a data breach. A breach of data is not only a problem for GDPR law, it has a myriad of consequences for the business involved and the victims. “For companies, there is the risk that they will be involved in a lawsuit, and may even incur a hefty fine from the ICO. On top of this, there is a lot of red tape surrounding how best to approach a breach of data; without a proper PR strategy in place, businesses can get it very wrong, and risk their reputation being damaged. In the long term, a data breach can lead to a loss of business, as clients may not trust that their data is safe. “On top of this, victims may have to seek legal intervention to claim for any of these losses, which can be incredibly stressful. Then, you have the emotional turmoil that comes with this, both the initial loss of data and then the subsequent uncertainty surrounding where this data is and how it may be used against them can be long-lasting.” “There are significant legal and regulatory ramifications associated with data breaches,” said Chaudhuri. “Depending on the jurisdiction and industry, businesses may face fines, penalties, and legal actions from affected individuals or regulatory bodies. “Compliance with data protection CONTINUED

CONTINUED

Anders Reeves CEO

covertswarm.com

Shaunak Amin Co-founder and CEO

swagmagic.com

24

Powered by