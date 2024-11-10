The number of hacks has been increasing worldwide. — © AFP/File Noel Celis

It has been estimated that 50 percent of UK businesses have fallen victim to cybercrime. This means businesses must act fast to protect their data, customers, and bottom line.

The sectors most impacted are:

Yahoo

Facebook

LinkedIn

Adobe

Dropbox

Tumblr

Trello

Twitter

Kickstarter

Snapchat

Yahoo’s 2013 breach was the largest among major companies analysed, affecting 3 billion users. Despite this, the breach was not made public until September 2016, leading to a 9.52 percent drop in search interest from that year. Facebook experienced the second largest data breach of companies analysed, impacting 509,458,528 users.

To support businesses become sufficiently robust, the company Indusface has outlined effective strategies for employers to safeguard their employees and businesses from the impacts of major data breaches and leaks.

Venky Sundar, Founder and President of Indusface, has outlined to Digital Journal what he must-know tips to shield your business from data leaks and breaches are:

• Encrypt sensitive data: Ensure that all sensitive data, both in transit and at rest, is encrypted to prevent unauthorised access.

• Implement strong access controls: Limit access to sensitive information based on roles and enforce multi-factor authentication for added security.

• Regularly update software: Keep operating systems, applications, and security tools updated to patch vulnerabilities that could lead to data breaches. If a software update breaks systems, deploy virtual patches on the web application firewall as an emergency measure. After that you could prioritize software updates in later dev cycles.

• Conduct employee training: Educate employees on data security best practices, phishing threats, and the importance of handling sensitive information properly.

• Monitor network activity: Use intrusion detection and prevention systems to monitor network traffic and alert you of any suspicious activity.

• Backup data regularly: Maintain secure, encrypted backups of critical data to minimise damage in the event of a breach or ransomware attack.

• Enforce strong password policies: Require complex passwords and regular updates to reduce the risk of unauthorised access.

• Conduct regular security audits: Perform internal and external audits to identify and address any security gaps or vulnerabilities in your systems.

• Monitor zero-day threats: Every month hundreds of new SQLi vulnerabilities are found. Monitor these and deploy the patches. If patching needs to be delayed, deploy application specific virtual patches on the WAF layer.

• Create a mobile device action plan: To safeguard sensitive data on mobiles, require users to set strong passwords, encrypt data, and install security apps. Additionally, implement clear reporting procedures for lost or stolen devices.

• Secure Wi-Fi networks: Ensure your workplace Wi-Fi is secure, encrypted, and hidden. Disable SSID broadcasting and password-protect the router for added security.

For the survey, Indusface compiled a list of data breaches from haveibeenpwned.com, focusing only recognisable brands. The company selected larger companies because their changes are easier to track compared to smaller, more niche sites. Next, the firm used Google Trends to measure the popularity of each brand before and after the breach.

The firm also noted how each company responded to their breach—especially if their actions went beyond standard security updates. This was recorded under the “Breach Response” section.