Protect Your Sensitive Data in A Risky Landscape

Protect Your Sensitive Data in A Risky Landscape


For any technology company, hardware, equipment, and digital technology are gateways for hackers and adversaries to launch a cyber-attack and compromise sensitive data and information. This includes intellectual property, records, customer information, and software coding. Such risk is prevalent in today’s vulnerable data environment, where incidents have grown and can be quite costly.

Our information landscape is porous

There are numerous ways for hackers to enter an enterprise and gain access to private information and intellectual property. A quick look into the past few years demonstrates just how serious attacks can be, and how sensitive data may be compromised.

  • In 2016, The New York Times reported that 3 billion Yahoo accounts were hacked in one of the biggest breaches of all time.
  • In 2016, Uber reported that hackers stole the information of over 57 million riders and drivers.
  • According to Accenture's 2017 statistics, there are over 130 large-scale, targeted breaches in the U.S. per year, and that number is growing by 27 percent per year.
  • Thirty-one percent of organizations have experienced cyber-attacks on operational technology infrastructure, according to Cisco.

 

It is important to recognize that your technology is at risk

The gateway of cyber-attacks includes physical as well as digital assets. These assets contain valuable information, corporate knowledge and intellectual property such as design information, patents, and proprietary algorithms. Once an incident occurs, not only is the viability of the technology damaged, but an enterprise is forced into crisis mode and, beyond that, disaster recovery.

Protections need to be put in place even when a company is shutting down. When electronics retailer NCIX went bankrupt in 2017, its assets were liquidated. A scavenger of its hard drives found them to be loaded and “unwiped” of customer privacy data, and then put the information up for sale to opportunistic parties on Craigslist. After the breach, at least one customer proposed a class action lawsuit.

This impending danger is costly

Exploitation may not only violate data, but there’s also a significant cost associated with it as well:

 

Take action now.

  1. Conduct a complete and thorough review. Take a look at what data and information are at risk, what digital and other technology assets offer a vulnerable gateway to such data and information, and then apply a methodical approach to build security. Specifically, this should be an exhaustive accounting of intellectual property owned and the incidence of risk to that intellectual property, should any security compromise take place.
  2. Perform an assessment of current security policies and procedures. Compare your procedures to the National Institute of Standards and Technology (NIST) Cybersecurity Framework, including reviews of policies, procedures, and practices. Use this process to identify any anomalies as well.
  3. Examine pre- and post-breach client response capabilities. Include risk and readiness assessments, event readiness testing, and incident response to determine if your business is prepared with the right staffing and bandwidth.

 

Learn from the financial industry to help mitigate risk.

Working with an advisor, adept in the rigorous and disciplined practices of the financial services industry, is a best practice to protect data and information. This is a smart strategic decision for numerous reasons:

  • Financial institutions are light years ahead of the industrial sector in identifying risk and safeguarding sensitive data.
  • Financial firms have cybersecurity built into their organizational structure and provide dedicated staff to plan and mitigate cyber risk and sensitive data compromise; this isn't always the case in industrial firms and other enterprises.
  • Financial services industries have higher standards and regulation, meaning they offer more advanced strategies against data and intellectual property compromise than other sectors that aren't subject to the same scrutiny.

Working with a financial firm can help you implement the best practices that are needed to comprehensively protect your business and its data.

The views expressed by the author are not necessarily those of Fifth Third Bank and are solely the opinions of the author. This article is for informational purposes only. It does not constitute the rendering of legal, accounting, or other professional services by Fifth Third Bank or any of their subsidiaries or affiliates, and are provided without any warranty whatsoever.