[BLOG] 2018 review: Are data breaches becoming the norm?

Whilst Data Protection Officers and Marketing departments flapped around trying to understand GDPR, were IT departments given enough budget to protect their company’s data in the first place?

Marriott effected 327million individuals 
Dunkin Donuts loyalty programme breach
Facebook security breach up to 50m accounts estimated attacked
Dixons Carphone data breach affecting 10million customers in June this year
Euro Star forced to reset customers passwords after hack attack

Look at that list. Surprised?
Rarely does a week go by in 2018 without a major data breach being reported.
Is this just the way things are now? 
 

GDPR – Four tiny letters with a big impact in 2018 – forced many companies to address and improve their data practises. But whilst company’s Data Protection Officers and Marketing departments flapped around trying to understand this privacy regulation, were IT departments given enough budget to protect their company’s data in the first place? With so many solutions out there in the market place what is the excuse for these data breaches?

There are now so many different entrances and exits onto and off an IT network that it can be hard to see the wood for the trees, but addressing the basics is a good start.

  • What are your infrastructure basic security risks?
  • What are you using to protect against malware, ransomware, phishing, spear-phishing and spoofing?
  • What dormant malicious code sits on your network? Can a user access this and trigger it? How do you tell?

The first place to start is your company email, it’s an obvious entry point and as cyberattacks can inflict serious commercial and reputational damage.

We need to appreciate that Cyberfraud has changed significantly over the years. Threats aren’t just spamming with malicious attachments, companies now face advanced malware, fraudulent URLs, and sophisticated social engineering attacks that target humans directly.

Cybercriminals are also leveraging the most common spear-phishing tactic out there: impersonation. This tactic is on the rise since end users tend to trust emails that come from their boss, colleague or friend.

Surprisingly most security software solutions in place are not highly sophisticated. Companies are potentially relying on antiquated systems that aren’t making the most of AI to scan, monitor, and then notify of these modern attacks.

Great protection products do exist though. There is a lot of choice out there, and this is great for you, but knowing what’s right for your unique IT environment can take some guidance.

Trustco partner with leading security vendors and understand the difference in these technologies and can help explain the differences between these. Our technical specialists will help to narrow down what is right for your environment and budget, with minimum disruption whilst giving you maximum protection.

Contact Trustco or call 0344 880 1999 to discuss further.

So, what precautions are you taking to protect your data?