6 oversights that enable data breaches

Personal employee or customer data accounted for nearly 45% of all data stolen between July 2021 and June 2022, while companies’ source code and proprietary information accounted for a further 6.7% and 5.6% respectively, according to Imperva.

More positively, the research found that theft of credit card information and password details dropped by 64% compared to 2021.

“It’s very encouraging to see such a decline in stolen credit card data and passwords. It suggests that more organizations are using basic security tactics such as Multi-factor Authentication (MFA), which makes it much harder for outside cyber attackers to gain the access required to breach data,” says Terry Ray, SVP and Field CTO at Imperva.

“However, in the long term, PII data is the most valuable to cybercriminals. With enough stolen PII, they can engage in full-on identity theft which is hugely profitable and very difficult to prevent. Credit cards and passwords can be changed the second there is a breach, but when PII is stolen, it can be years before it is weaponized by hackers,” added Ray.

The research also reveals the root causes of data breaches, with social engineering (17%) and unsecured databases (15%) as two of the biggest culprits. Misconfigured applications were only responsible for 2% of data breaches, but businesses should expect this figure to rise in the near future, particularly with cloud-managed infrastructure where configuring for security requires significant expertise.

“It’s really concerning that 32% of data breaches are down to unsecured databases and social engineering attacks, since they’re both straightforward to mitigate,” continues Ray. “A publicly open database dramatically increases the risk of a breach and, all too often, they are left like this not out of a failure of security practices but rather the total absence of any security posture at all.”

Imperva identified the six most common oversights that enable data breaches:

• Lack of Multi-factor Authenticatio (MFA) – There is no good reason why organizations shouldn’t be using MFA as it makes it far harder for an attacker to successfully use stolen credentials to access sensitive information.
• Limited visibility into all data repositories – Businesses need a single dashboard solution that can provide insight on a broad range of data security capabilities, including data discovery and classification, monitoring, access control, risk analytics, compliance management, security automation, threat detection, and audit reporting.
• Poor password policies – Every company should be doing regular employee training sessions on the importance of not duplicating passwords or sharing them with colleagues, partners or vendors.
• Misconfigured data infrastructures – Each cloud-managed infrastructure is unique, and requires a specific skill set to manage properly. Visibility over all cloud-managed data repositories through a single dashboard eliminates the need to maintain configurations for data visibility.
• Limited vulnerability protection – A zero-day vulnerability in a popular piece of code can cause security issues for tens of thousands of organizations. Runtime protection secures your applications from vulnerabilities without leaving your application exposed to potential exploitation.
• Not learning from past data breaches – Organizations should be using machine learning (ML) to do rigorous analyses of anomalous behavior to identify malicious activity. This information can then inform a baseline of typical access for privileged users, send alerts on deviations from that behavior, and keep profiles of how past insiders have breached data.