COMMENT
and by the time they had cancelled the
operation, less than 2% of the 300GB
data set remained, the rest had been
permanently deleted. The failure of
five separate backup and replication
solutions that followed can also be
attributed to human error and the
systems having not been implemented
or tested correctly.
Many challenges to data security have
a commonality in that the risk to data
is presented when data is unstructured.
Unstructured data refers to data that is
not stored or contained in a database
or a different type of data structure.
Unstructured data also stretches to
cover data that is stored or accessed on
mobile devices and removable media
such as a USB storage device.
46% of organisations in the Cyber
Security Breaches Survey 2017 stated
that they have BYOD challenges that
expose them to cybersecurity risks.
As with any removable media, there
is a chance that storage devices such
as USB and devices such as mobiles
or tablets could be lost. If encrypted
and password protected, this may not
cause an immediate issue however, if
unencrypted, these represent a serious
data breach risk.
Fraud and criminal threat
behaviour, enforcing data management
policies completely is often far from easy.
Together, data growth, data sprawl and
easier data access can result in a loss of
control, leaving data protection officers,
or more commonly, IT and network
managers, in the dark as to what is
going on in their network. Growing
organisations have a responsibility
to train inexperienced staff and new
employees correctly on the data
protection policies and procedures to
help reduce human error.
Human error remains one of the
largest threats to data on a network,
as was demonstrated with the Gitlab
data loss at the start of this year. Staff
accidentally deleted a live database
www.intelligentcio.com
The threat posed by cybercriminals
cannot be ignored and although large
and enterprise-scale organisations
are more likely to be targeted, all
organisations are at risk. The truth is
that malicious attacks come in many
different formats, most of which can
be hidden in email, on a seemingly
harmless looking webpage or can exploit
previously unknown vulnerabilities in
technology used by any organisation.
Organisations often use filtering,
scanning and blocking to monitor
emails and activity on networks and
it is estimated that less than 1%
of people will open attachments
or follow links on malicious emails.
However, given the opportunity to
send millions of emails, this becomes a
considerable number of organisations
and users affected. From an African
point of view, ransomware has grown
"With more data
being stored
in more varied
locations, as well as
being accessed by
more people more
regularly, from
more locations,
it also becomes
difficult to track
how and if data is
being protected."
in sophistication and emerged as the
most pressing threat to businesses.
Taking steps to reduce the threat
of cyberattack
Reducing the threat of losing data or
having a serious network breach should
be a priority for all organisations. If you
are unsure on where to start, here are
four tips to help you reduce the threat
of data breach or cybersecurity failure to
your organisation.
1. Complete a risk analysis
Completing a risk analysis will allow you
to better understand where the threats
are to your network and come up with
an actionable plan to resolve them.
2. Understand where your data lives
Gaining a better understanding of where
data resides in your network, structured
and unstructured, can give you an
insight into where changes should be
made and how best to protect data.
3. Train staff around
cybersecurity awareness
Making users more aware of the
challenges that the organisation faces
daily around data security, can help to
reduce the risk of human error and gives
users a better opportunity to alert the
necessary authority should they identify
a risk of breach themselves.
INTELLIGENTCIO
23