We're living in a 'post-breach era' and no company is safe
The infamous Equifax data breach dominated headlines in 2017. The social security numbers, driver's license numbers, names, dates of birth, addresses -- and in some cases credit card numbers -- of 148 million individuals were exposed. With over half of the U.S. population affected, the credit reporting giant spent $1.4 billion in damage control, including paying customers out up to $20,000 and providing them with ongoing fraud assistance and monitoring.
This wasn’t the first breach of its kind to occur, and it certainly won’t be the last: Uber, Facebook, and Google have also been hit, to name a few. But perhaps the most alarming part about attacks like the Equifax breach is that -- at just over four years post-breach -- we’re still not out of the woods yet. And we might never be full. Major breaches leave us vulnerable long after the dust has settled. With more people’s personal identifiable information now readily available to be exploited, it’s only a matter of time.
We’re currently in a post-breach era in which stolen data can (and will) come back to haunt us in the form of future attacks. When significant security events occur, the information stolen acts as a catalyst for future incidents. It helps attackers find ways to identify how people are connected and exposes targets who might have valuable data. With this information, cybercriminals can build phishing scams and other types of attacks that have serious consequences.
There are two other factors exacerbating the post-breach era. First, attacks are happening more frequently. Since the switch to remote work, phishing attacks have increased by 51 percent. Overall, the number of data breaches this year has already surpassed last year by 17 percent. As attackers gain access to more post-breach data and acquire new tools, we can only expect these numbers to grow.
Additionally, attacks are becoming more sophisticated. Bad actors are getting increasingly creative and bold, capitalizing on the chaos and anxiety surrounding the pandemic. Pandemic-fueled phishing attempts jumped by 33 percent in June of this year. Scams ranged from hackers posing as human resources asking employees for proof of vaccination, to impersonating health organizations, all the way to phony pandemic-related layoff emails.
With much of our data and credentials already stolen, and attacks becoming more frequent and sophisticated, where does this leave us?
It’s up to us to defend ourselves in the post-breach era by having the strongholds in place to fend off imminent attacks. This won’t be an easy task given how complex these attacks have become: long gone are the days of plug-and-play cybersecurity appliances that blocked threats in a matter of minutes. Today’s attacks involve countless phases and a multitude of techniques, making the potential for damage that much greater.
Ultimately, companies need to have the visibility, detection, and response capabilities necessary to stop breaches before they happen. This will require vendors and the security industry as a whole to focus on building more consumable solutions for customers of all sizes. As we know, cybercriminals often initially infiltrate smaller organizations with weaker cyber defense capabilities in order to eventually penetrate their larger, affiliated targets. Given this, the importance of creating solutions for a large range of companies cannot be overstated.
Tools like email inbox protection are a must for all companies, especially in the age of remote work. The inbox protection should also include forensics and incident response capabilities which will stop attacks in seconds once detected. Furthermore, zero-trust access capabilities can reduce the attack surface of employees working from home and provide security posture measurement of users before they have access to SaaS applications or network infrastructure. Outside of software solutions, awareness training for individuals working remotely can help employees to better understand and avoid threats.
As we enter deeper into the post-breach era, all vendors should be asking the following question: How do we make it easier for people to protect themselves? No company is immune to the threat of attacks, but by making security solutions accessible to all, and promoting awareness, organizations have the best shot at safeguarding their data.
As the CTO for Barracuda Networks, Fleming Shi focuses on driving transformative technology solutions to support Barracuda's broad portfolio of products in security and data protection. The office of the CTO is also the incubation engine to deliver forward-looking product and technology concepts. Shi leads the team from inception to productization while nurturing product engineering teams to maximize the feature capabilities.