The technology industry has unlocked innovation across all sectors as an enabler of digital transformation. Most organizations are now outsourcing critical operations to tech companies, such as cloud providers. Tech vendors are now left to manage an ever-growing volume of sensitive data, which they must secure effectively to prevent large-scale data breaches.
IBM and Ponemon Institute’s 2022 Cost of a Data Breach Report found a record high average breach cost of US$4.35 million. Aside from the immediate financial penalties, breached organizations also pay the long-term cost of irreversible reputational damage.
This article explores why the tech industry is a high-risk data breach target and how effective security policies can drive data protection across the supply chain.
What is a Data Breach?
A data breach occurs when an unauthorized individual gains access to sensitive data by copying, transmitting, viewing, or stealing it. Hackers exploit this data to commit identity theft, insurance fraud, and other lucrative cybercrimes.
Data breaches can expose the following types of data:
- Financial information, including credit card numbers and bank account details
- Social Security numbers
- Driver’s license details
- Other personal data, such as phone numbers and residential addresses
- Intellectual property
- Trade secrets
Common data breach causes include:
- Undiscovered data leaks
- Poor network security
- Software vulnerabilities
- Software misconfigurations
- Physical theft, such as stolen hard drives or laptops
- Third-party breaches
Why Tech Companies Should Worry About Data Breaches
Cybercriminals know that tech companies often have weaker data protection and overall cybersecurity measures than highly-regulated industries, like healthcare and finance. Instead of targeting these organizations directly for their valuable data, they focus their efforts on the poor data security often found in the first link of the supply chain – tech vendors that store and manage significant amounts of data from these industries.
Data breaches in the tech industry prove devastating, causing a domino effect throughout the supply chain with the compromise of hundreds or even thousands of customers and their customers’ data.
For example, the SolarWinds supply chain attack of December 2020 affected almost 18,000 of the network management provider’s customers. Consequently, the breach affected the US Government and multinational tech vendors, including Intel, NVIDIA, and Microsoft, further impacting thousands more customers.
SolarWinds faced a lengthy and costly recovery process, outlined below.
- SolarWinds’ stock declined by approximately 40% within a week of the breach becoming public.
- SolarWinds reported spending between $18 and $19 million on investigation and remediation costs in Q1 of 2021.
- SolarWinds faced a class-action lawsuit from shareholders who experienced significant financial losses following the breach.
- SolarWinds reported customer renewal rates dropped from the low- to mid-90s to the 80s in the year following the incident.
6 Data Breach Prevention Strategies for Tech Companies
If a cyber attack occurs, effective data security practices can significantly reduce the risk of a data breach.
Below are five strategies tech companies can implement to protect against data breaches.
1. Limit Data Access
Tech vendors must enforce Zero-Trust Architecture (ZTA) to limit internal and external data access to prevent data loss. ZTA assumes any user outside the network perimeter cannot be granted access to protected resources without further authentication or verification. Zero Trust security models consist of several security controls, such as the principle of least privilege and multi-factor authentication, to provide better visibility and control over who accesses sensitive data.
The Principle of Least Privilege
The principle of least privilege restricts all users to the least amount required to perform their jobs, reducing the risk of insider threats, which could result in intentional or accidental data exposure. You should also schedule regular audits to revise employees’ access privileges which may have changed over time, for example, if they leave the company or change roles.
Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) requires users to provide two or more authentication factors to access an account or system. These additional factors help verify users and prevent cybercriminals from hacking into corporate accounts with stolen passwords.
2. Provide Security Awareness Training
Verizon's 2022 Data Breaches Investigations Report found that 82% of reported breaches involved a human element. Cybersecurity awareness programs help prevent security breaches caused by human error, benefitting all organizations, including those of small business owners.
Basics such as keeping operating systems updated and using a VPN on public networks,
A phishing attack is the most common initial attack vector leading to a data breach. Tech companies should focus their awareness programs on preventing vulnerabilities that facilitate these security incidents, such as data leaks.
Employees should be aware of the following best practices for keeping their credentials safe:
- Use unique, strong passwords
- Regularly update passwords
- Don’t share passwords
- Set social media settings to private
- Understand the security threats of password managers
- Set up multi-factor authentication (MFA)
Identifying Phishing Scams
Cybercriminals trick employees into disclosing sensitive information with social engineering techniques, such as phishing scams. They exploit this privileged data to gain access permissions to corporate systems. Once inside the internal network, the hackers commit more serious cybercrimes, such as data exfiltration, malware injections, and ransomware attacks.
Phishing emails have defining characteristics, such as poor spelling and grammar, unusual requests, and a sense of urgency. Teaching employees how to identify these traits helps prevent business email compromise and potential data breaches in the making. Organizations should also deploy antivirus software for additional endpoint security, should phishing awareness fail.
2. Segment Your Networks
Network segmentation is a crucial network security practice for tech providers. Segmenting your main network into smaller subnetworks restricts lateral movement across the rest of your network. If one network is compromised, the others remain protected – unlike flat networks, which can easily facilitate large-scale attacks by providing cybercriminals full access to all connected entities.
Individual subnetworks have their own access points, log-in credentials, and firewalls. These mechanisms provide additional protection against cyber threats, which could shut down operations if the entire network is affected, such as DDoS attacks.
3. Implement a Cybersecurity Framework
Organizations from all industries trust tech companies to manage their internal data securely. Customers from highly-regulated industries must ensure their vendors also comply with these requirements or risk non-compliance.
Implementing a recognized cybersecurity framework, like NIST CSF, can help your organization better manage and mitigate cyber risk by providing a baseline for minimum security controls. Frameworks also allow for compliance mapping, helping you measure and maintain compliance with several industry standards, including PCI DSS and ISO 27001.
Proven compliance with popular standards and regulations builds customer trust, with confidence that you’re implementing strict data security measures to protect their sensitive data.
4. Stop Data Leaks
Data leaks occur when sensitive information is accidentally exposed – either physically or on the Internet. Time is of the essence with data leaks – left undetected too long and cybercriminals will find and exploit them as entry points in a cyber attack. For example, misconfigured software settings can publicly expose corporate data, facilitating unauthorized access to internal systems.
A robust incident response plan with fast remediation capabilities is vital to stopping data leakage before cybercriminals can find these exposures. A capable data leak detection solution continuously monitors all layers of the web to identify data leaks affecting an organization and its vendors, preventing potential security breaches.
5. Identity All Vulnerabilities
According to Palo Alto research, cybercriminals begin scanning for vulnerabilities within 15 minutes of a new CVE announcement. For tech companies, the consequences of an exploited zero-day prove deadly. For example, hackers can exploit vulnerabilities in software update code and inject ransomware or other malware, infecting hundreds of customers in the process.
Fast vulnerability detection is the key to identifying and patching software vulnerabilities before they become a direct access point for large-scale supply chain attacks. Reliable attack surface management (ASM) solutions provide tech companies with the speed and visibility required to manage emerging vulnerabilities and other cyber threats.
Unlike manual detection methods, ASM software detects security issues in real time and assigns a criticality rating, allowing security teams to prioritize remediation efforts.