{"id":2936,"date":"2019-07-02T15:20:59","date_gmt":"2019-07-02T15:20:59","guid":{"rendered":"https:\/\/www.imsm.com\/rwa\/gb\/?p=2936"},"modified":"2023-10-31T10:56:20","modified_gmt":"2023-10-31T10:56:20","slug":"the-5-worst-data-breaches-you-didnt-even-know-existed","status":"publish","type":"post","link":"https:\/\/www.imsm.com\/rwa\/news\/the-5-worst-data-breaches-you-didnt-even-know-existed\/","title":{"rendered":"The 5 worst data breaches you didn’t even know existed"},"content":{"rendered":"
No business or organisation is immune from data interception and theft. In 2018, the UK Government\u2019s annual Cyber Security Breaches Survey<\/a> found 43% of businesses experienced a cyber security breach or attack in the last 12 months but only 27% have formal policies covering cyber security risks.<\/p>\n Recent high-profile data breaches from the likes of British Airways, Marriott and Facebook – giants of the business world – are vulnerable to data theft. For even the smallest businesses, data security should be a priority. Here are some of the worst data breaches you didn\u2019t know existed – and how you can use information security management processes to prevent them.<\/p>\n For many businesses, your website is one of your primary assets so it\u2019s important to arm it with premium protection. Website breaches can be devastating and can include denial-of-service (DDoS). Attacks where hackers make a site unavailable by flooding it with spammy traffic until it crashes. This blocks access and the domain can fall subject to ransomware. A preventative action against this is a sophisticated firewall.<\/p>\n Are you sure any portals to your website and supporting applications are secure? This includes platforms like WordPress, Shopify and HubSpot, among others. Advanced Persistent Threats (APTs) slowly break into a network in waves so they avoid detection. Firewalls work to protect you and it also helps to block known threats using blacklists. If the threats are unknown, however, whitelist security policies are appropriate. Ensure your data is encrypted and perform regular system cleans to weed out any threats in their infant stages.<\/p>\n External storage services like Dropbox and Google Drive are stored away from your hardware on \u2018the cloud\u2019 and so provide another barrier against viruses that attack your computer and network. However, they\u2019re not completely secure and are still subject to their own vulnerabilities and malware. Cloud workload protection, for example, uses AI to spot faults in cloud systems and rectify them. It\u2019s also well worth having multiple data backups in case you lose some of your data.<\/p>\n Having unmanageable or lost assets can leave them loose and vulnerable to impersonation and phishing, or even inside attacks! Make sure your access privileges are controlled and have inbuilt security measures like multi-factor identification: maybe security measures like thumbprint or facial recognition is appropriate for your organisation.<\/p>\n While you may think your virtual security barriers are intact, what about your physical ones? Data thieves don\u2019t just hack from a laptop in a basement hundreds of miles away; assets like USBs and hard drives can be physically stolen, breaching the data security of your employees and customers.<\/p>\n Bringing together these measures may seem like a hugely insurmountable task, but a sound information security management process isn\u2019t a distant dream. ISO 27001<\/a> is the go-to for establishing a watertight data security management system, providing you with the framework and guidance you need to remain up-to-date with the latest trends in cyber security. Find out more about ISO 27001 here<\/a>.<\/p>\n <\/p>\n1. Website breaches<\/h2>\n
2. Platform or web application vulnerabilities<\/h2>\n
3. Misconfigured cloud services<\/h2>\n
4. Failure to identify and manage assets<\/h2>\n
5. Theft<\/h2>\n