Seal the breach
How enterprises can safely navigate the data security journey. By Trevor Morgan
In today’s hostile cyber landscape, organizations encounter many challenges as they go about processing and storing data critical to their operations. Yet, such is the power of data that the repercussions of suffering a cyberattack or data breach can often be much higher than anticipated and can even shutter operations, at least temporarily, in the worst-case scenario. With the rise of digital transformation and the inherent goal of many organizations to become more efficient and productive, these risks have been amplified even further. The consumption of data is driving this strategy, because with more data in a variety of different formats, leaders can make better, more informed decisions about the services and products they are bringing to market. Considering that over 2.5 quintillion bytes of data are created daily, it’s no wonder that organizations are doing their utmost to get a slice of the data pie.
However, with more and more data collection, storage, and processing, data security breaches are occurring more often. This alarming situation is raising concerns within the industry over how enterprises are balancing their responsibilities with data and managing the associated risks.
Consider that in just the first quarter of 2021, 351 security incidents have accounted for over three billion breached records. From a security standpoint, these statistics are damaging and signify that the cybersecurity industry still has much more work to do when it comes to understanding and prioritizing data security.
Because of this fact, it’s imperative that C-level executives take the exposure risks of sensitive data in their organizations seriously. However, just as important is evaluating partners and third parties to avoid supply chain attacks. Towards the end of 2020, we witnessed one of the widest reaching cyberattacks in what would be known as the SolarWinds breach. SolarWinds, a global service provider, was impacted by a cyberattack that affected 18,000 of its 300,000 customers around the world – some being government agencies. The attack was a massive alarm for all those with digitally connected supply chains as the attackers were able to jump from one organization’s system to another. This attack is a clear example of how modern hackers are adapting their methods to impact the many and not the few, especially as the supply chain extends into the digital world, all in hopes of creating widespread disruption and a resultant desperation leading to the willingness to pay ransoms.
A mindset change is needed
Cybersecurity has long been viewed as a business blocker and obstacle to getting the core business of the company accomplished Major groundwork in recent years has helped to overturn the notion that the security team is the ‘Department of No,’ and actually, the security team can be an enabler for business innovation and growth. In regard to cybersecurity and the supply chain, most organizations simply can’t restrict the supply chain to the point where information, data, products, and services are interrupted or halted. However, if they implement the wrong security approach, they could create a situation in which a web of organizations is negatively impacted. Clearly, organizations need to strike a delicate balance between security and agility.
Cybersecurity shouldn’t seek to put a crimp on the supply chain. For instance, the supply chains largely utilized by managed service providers (MSPs) and software-as-a-service (SaaS) providers are highly desirable targets for attackers who seek to exploit the multifarious attack vectors. Hackers are aware of the endless possibilities for penetrating these organizations and their digitally connected systems in order to cause as much damage downstream as possible. All it takes is for one entry point to be exposed for the entire supply chain to experience disruption, and this can be a physical supply chain like an oil or gas pipeline or a digital supply chain like an application service provider. Therefore, cyberattacks like ransomware – situations in which data is stolen and systems are locked – are extremely damaging and costly due to subsequent disruptions in operations.
Ultimately, a security approach that will help organizations protect sensitive information from being exploited and avoid all the fallout involved with a cyberattack should involve adopting data-centric security. To be sure, data-centric security is not on the radar for most enterprises, but by adopting this data protection strategy, sensitive data can move through the digital supply chain securely without having to place further restrictions or security barriers on the transfer pipeline.
For some organizations, the physical supply chain is pivotal to their core business and is their primary focus, while other parts of the overall operation, such as security, might be viewed as secondary or simply nice-to-have. What they don’t realize is that in order to successfully transfer physical commodities through the supply chain, a digital overlay of information exchange and associated data security are required for them and their partners. Nonetheless, hackers will attack this digital supply chain of information and, if successful, will directly impact the physical supply chain and flow of products and services, a situation which the world witnessed with the Colonial Pipeline attack earlier in the year. We should all be concerned in the wake of these recent incidents
Ransomware attacks have become so prolific and frequent because of the amount of disruption they can cause. If threat actors can disrupt an organization’s core business, they’ve hit the jackpot. Revenues are halted, bad press abounds, and brand reputation takes a serious hit. Yes, fines, fees, and sanctions are levied in the aftermath, but for every minute an organization and its systems are down, money is lost at an alarming rate. Because of this, business leaders must understand that the digital supply chain is not an extension, nor can it be viewed as an overlay, to the core business. The two are intertwined to the point where the digital supply chain is the core business, or at least a very significant part of it.
Keep in mind the sobering thought that suffering a cyberattack is unfortunately inevitable in this digital age. Every organization small and large eventually will experience one. Given that unfortunate fact, business leaders should be doing their utmost to implement effective data security to reduce the amount of risk to the supply chain and thus to their core business. If it helps to think of it this way, robust cybersecurity is an investment into the core business of the company.
Making an investment into a data-centric security approach such as tokenization means that organizations can remove sensitive data from the firing line. Data-centric security quite simply is a method of protecting data itself rather than the environment or perimeter around it. In the event of an attack or theft, any tokenized data elements will be completely useless to threat actors. It cannot be exploited or leveraged for gain. This strategy is aligned with the increasingly prevalent Zero Trust approach, which turns ‘trust but verify’ into ‘don’t trust and always verify.’ Zero Trust takes the approach that the organization has already been compromised, and every attempt to access data should be viewed as a potential threat by a bad actor. In other words, nothing and no one is trusted by default. By tokenizing sensitive data as soon as it enters the organizational ecosystem and not de-protecting it, you extend no trust but still enable employees and partners to work with that business-critical information.
Given the severity of the SolarWinds and Colonial Pipeline attacks and the publicity surrounding them, the risk of other organizations suffering a similar fate is very high. These were attacks that sent shockwaves around the industry and highlighted the fact that enterprises can suffer breaches through secondary attacks, affecting their supply chains with a subsequent domino effect. So long as data is being effectively protected using a data-centric approach, organizations can carry on knowing that their sensitive data will not be leveraged. Rather than lament the fact that breaches are constantly ongoing, we need to accept the fact that they are a part of doing business and invest in the right security posture to mitigate the damages and potential fallout.
The consequences of suffering a data breach, whether directly or via the supply chain, can be incredibly detrimental, both immediately and in the longer-term, due to the penalties of associated with non-compliance. Not to mention the dire reputational damage, which can lead to loss of customer trust and a decline in business opportunities. For some organizations, these can even be irreparable. Hence, having a defense that is holistic, provides regulatory compliance, and secures data throughout its entire lifecycle is essential for organizations wanting to get data security right before the inevitable breach occurs.
Trevor Morgan is Product Manager at comforte AG, which was founded in 1998 by the creators of a connectivity solution for mission-critical systems. A logical next step for comforte was not only to connect systems but also to make sure that communication is always done in a secure fashion. Organizations around the globe are running their ATM and Point-of-Sale networks securely, thanks to comforte.
Building on more than 20 years of experience in unlocking more value from systems that never stop, comforte has evolved into a market leader for data security and cloud-native tokenization. It now proudly serves over 500 enterprise customers across the globe.