Data risk trends in 2019

The importance of the context behind user behavior will increase

According to the Ponemon Institute's insider threat statistics, 2/3 of insider-related cases are accidental. That is why telling an accident from a malicious data breach is crucial when selecting risk mitigation strategies.

On average it takes half a year to detect a data breach, and half of these breaches are uncovered by internal controls and auditing. Monitoring systems are now boosting their analytics capabilities to speed up the investigation process (GDPR has played a significant role), and that requires quickly and accurately establishing the source, the method and the reason behind a violation of a company’s policies.

Controlling employee activity and knowing the context behind insider behavior will let an organisation sort out triggers and patterns and prevent a major incident by ensuring transparency of a workflow and managing employee loyalty.

High-risk behaviors can be tracked and neutralized by putting some individuals under surveillance or defining the limits of their access to confidential data.

32% of employees would consider taking company information intentionally to a new job

38% concede that they sabotage their work

78% say their commitment to the company declined due to toxic behavior

The cost of insider incidents within the healthcare sector will go up

The data of 16,762 patients was exposed and remained available online for a few months after an employee at Philadelphia-based Independence Blue Cross uploaded a member file to a public-facing website. It took officials more than 3 months to discover the incident.

In January a notorious breach happened in Singapore. Confidential details of 14,200 HIV-positive people were leaked intentionally by an HIV-positive American citizen who had already been found guilty of fraudulent activities.

According to Verizon’s 2018 Data Breach Investigations Report, healthcare is the only industry where insider threats outnumber external ones (an unprecedented statistic), and the Ponemon Institute's Cost of Insider Threats report ranked medical services No. 5 by annual costs of insider incidents, which total $8 million. Patient data remains one of the most targeted types of information.

To run its business workflows, the healthcare industry has to process a large amount of data. A database management system (DBMS) alone is no longer enough, which is why medical organisations often resort to a DBMS combined with a search and analytics engine, usually based on indexing. The advantage of such a bundle is obvious: search becomes many times faster and the queries get “smarter”. Predictive input is enabled for the end user, typos are tolerated, and morphology is taken into consideration along with many other peculiarities. Indexing is a perfect instrument for a system with a web interface, although recent leaks show that this IT component can present some risks as well. The volume of information breached via Elasticsearch, a popular search engine, reaches formidable figures, and news about high-profile leaks appears almost weekly. 57,000,000 personal records of US citizens were compromised in just one incident, and there are many cases like that.

This is why it is so important to take internal risks into account and choose the correct security solutions when designing IT infrastructure.

More organisations will assign specialists to insider threat roles or create dedicated divisions

Cybersecurity job postings have risen 74% over the past five years, and in 2021 the number of unfilled cybersecurity jobs is expected to rocket to 3.5 million.

Creating dedicated insider threat roles and implementing a sound risk management program will facilitate internal threat detection and prevention. Concern about internal risks, as well as the popularity of employee monitoring software, has increased considerably. A specialist should be assigned to manage the internal controls.


Alex Parfentiev
Major threats to your business: human factor

Leading Analyst at https://searchinform.com/, I’m here to address those human factor risks many businesses often neglect or aren’t even aware of