Supplier Risk Monitoring

Data Breaches in 2019: Bigger, More Devastating

Written by Pallavi Srivastava

With the evolution of digital technology, a cohesive approach to managing cybersecurity risk has become indispensable for every company that acquires, stores, or processes user data. Despite the central role of digital in every industry, from shopping to banking, healthcare to vacation and business to a country’s development, cybersecurity remains an area of concern for companies.

One barometer is data breaches, which have increased significantly in recent years. According to the ‘2019 Breach Barometer’ report, data breaches surged by 54% in the first half of 2019, and about 4.1 B records were exposed during the same period. The global average cost of a data breach in 2019 is reported at US$3.92 M, an increase of 1.5% from 2018, as per the ‘2019 Cost of a Data Breach Report’ by the Ponemon Institute and IBM.

A Very Short List of the Biggest Data Breaches of 2019…

Quest Diagnostics & LabCorp

About 20 M customers’ medical and financial data was exposed between August 1, 2018 and March 30, 2019. An unauthorized user had access to the American Medical Collection Agency (AMCA) system, which was used by both Quest and LabCorp to store their data.

Federal Emergency Management Agency (FEMA)

In March 2019, the Department of Homeland Security reported that FEMA had compromised the information of more than 2 M Americans by sharing personal and banking information with its contractor, and noted it as a ‘major privacy incident.’

Amazon Web Services (AWS)

In October 2019, an unprotected AWS Elasticsearch cluster exposed over 20 M personally identifiable information (PII) and tax information belonging to Russian nationals. Also, in September 2019, passenger files of Malaysia’s Malindo Air stored in an open AWS bucket were breached, which led to the exposure of 30 M passengers’ details. Parts of the leaked databases were also up for sale on the dark web.

And Other Cybersecurity Incidents

Wipro

In April 2019, Wipro’s IT systems were breached as hackers gained access to systems and used them to launch attacks on the firm’s clients. Nonetheless, the company claimed the cyber-attack had no impact on its ongoing critical business.

Citrix

Citrix reported a security breach of their internal network, where hackers stole business documents. The company said that the extent of the security breach is not yet known but it is possible that the data stolen included names, social security numbers, and financial information.

More recently, a Citrix vulnerability left more than 80,000 companies open to attacks.

Cybersecurity Risk: No One is Immune

Trends indicate that all companies are vulnerable to cybersecurity attacks and data leaks regardless of their size. Despite companies enlisting expert help for cybersecurity and establishing robust internal controls, there is a significant surge in data breaches.

Some underlying causes:

Backdoor Access

Companies rely on a diverse range of software, digital products, and applications. Therefore, it’s becoming difficult for the monitoring team to look for each open point. These points enable attackers and unauthorized users to enter the network and access databases.

Malware

In recent years, many large-scale attacks have been caused by malware and phishing scams. It’s easy for bad actors to target companies, wait for vulnerabilities, and plant their malware in the target network.

Absence of Oversight

Many companies do not establish continuous monitoring protocols for their systems and networks even if they have strict procedures in place for testing. Furthermore, companies must be careful about security testing for all new applications before rollout.

Smarter Hackers

Developers and hackers are running an endless race: developers work to build software, systems, applications, and networks, while hackers keep looking for new vulnerabilities in the product that programmers may have overlooked. Phishing of web pages, keyloggers, Remote Administration Tools (RATs), zombie computers, malware, spyware, and botnets are just the tip of the iceberg of the toolkit available to hackers.

Cybersecurity Posture of Your Third Parties

Cybersecurity events, particularly data breaches, cause reputational damage along with potentially catastrophic financial loss. From long investigation processes to regulatory penalties, remediation and settlement costs can dent revenues and investors’ confidence.

While cybersecurity attacks and data breaches cannot be ruled out completely, there are measures to minimize vulnerabilities and potential security risks such as implementation of Role-Based Access Control (RBAC), installation of software to block unsecured web pages, and investing in anti-virus and firewalls for basic security hygiene.

However, it is more complicated for companies that handle users’ personal or sensitive data, especially through their third parties. Companies may be able to institute protocols and establish security mechanisms that protect their own networks. However, their third parties, which include suppliers, partners, and vendors, then present an additional risk surface. Companies must evaluate the nature of data that their third parties handle and encourage them to institute practices in line with the sensitivity of the data.

If nothing else, companies must establish outside-in cybersecurity risk monitoring for their third parties and vendors at scheduled intervals. Outside-in cybersecurity risk monitoring offered by solutions like Supply Wisdom enables companies to assess the cybersecurity posture of their third parties and see what hackers see when they scan the third party’s network. This can help ensure some of the risks of data breaches are reduced.
