infographic
N
McAfee has released Grand
Theft Data II – The Drivers and
Shifting State of Data Breaches,
which details the struggle to
secure organisations against
data breaches.
New research from McAfee, the
device-to-cloud cybersecurity
company, has revealed that despite
improvements in combating
cybercrime and threats, IT security
professionals are still struggling to
fully secure their organisation and
protect against breaches, with 61%
claiming to have experienced a data
breach at their current employer.
Candace Worley, Vice President and Chief
Technical Strategist at McAfee
Adding to this challenge, data
breaches are becoming more serious
as cybercriminals continue to target
intellectual property putting the
reputation of the company brand at
risk and increasing financial liability.
22
McAfee’s study demonstrates the
need for a cybersecurity strategy
that includes implementing
integrated security solutions
combined with employee training
and an overall culture of security
throughout the organisation to
reduce future breaches.
Candace Worley, Vice President and
Chief Technical Strategist at McAfee,
said: “Threats have evolved and
will continue to become even more
sophisticated. Organisations need
to augment security measures by
implementing a culture of security
and emphasising that all employees
are part of an organisation’s security
posture, not just the IT team.
“To stay ahead of threats, it is
critical companies provide a holistic
approach to improving security
processes by not only utilising an
integrated security solution but also
practicing good security hygiene.”
•
•
•
The McAfee report highlights
the following:
• Savvier thieves: Data is now
being stolen by a wide range
of methods, with no single
technique dominating the
industry. The top vectors used to
exfiltrate data are database leaks,
cloud applications and removable
USB drives.
• IP tied for 1st: Personally
identifiable information (PII)
•
and intellectual property (IP) are
now tied as the data categories
with the highest potential impact
to 43% of respondents. Notably,
PII is of greater concern in Europe
(49%), most likely due to the recent
enforcement date of the General
Data Protection Regulation (GDPR).
In Asia-Pacific countries, intellectual
property theft is of greater concern
(51%) than PII.
Blame game: IT is looked at as
the culprit with 52% of respondents
claiming IT is at fault for creating the
most data leakage events. Business
operations (29%) follows as the next
most likely to be involved. Highly
regulated internal groups including
finance (12%) and legal (6%) were
the most secure.
The great divide: Security
technology continues to operate in
isolation, with 81% reporting separate
policies or management consoles for
cloud access security broker (CASB)
and data loss prevention (DLP),
resulting in delayed detection and
remediation actions.
Taking responsibility: There is a rift
in regard to accountability – 55% of
IT professionals believe that c-level
executives should lose their job if a
breach is serious enough, yet 61%
also state that the c-level executives
they work with expect more lenient
security policies for themselves.
Future proofing: IT professionals
are taking action, with almost two-
thirds stating they have purchased
additional DLP, CASB and endpoint
detection solutions over the last 12
months. Respondents believe that
between 65 and 80% of breaches
experienced would have likely been
prevented if one or more of these
systems had been installed. u
Issue 14
|
www.intelligentciso.com