Whether it’s a ransomware attack, data breach, or another unnamed method exposing and exploiting private, sensitive, or proprietary data, 2021 is shaping up to be the “year of the breach,” with healthcare organisations among the prime targets.
A US health insurer became the latest healthcare organisation to fall victim to a cyberattack when hackers leaked the medical data of over 6,000 patients, acquired through a third-party app, and who can forget the Kaseya cyber incident, where attackers were able to exploit a zero day to access customer instances of the product and use its native functionality to deploy ransomware to those customers endpoints.
No matter which way you look at it, the threat of cyberattacks is real and with data now being accessed beyond the perimeters of the on-premises firewall and network, controls need to be put in place to protect not only your data, your users as well.
Pandemic-related uncertainty, remote work conditions and employee experience collide to create the ideal conditions for insider incidents. A latest Forrester Cyber Security Predictions report predicts:
- 33% of data breaches will be caused by insider incidents in 2021 (up from 25% in 2020)
- The increase in remote work naturally leads to increased insider risk
- Insider threat incidents are expected to grow 8% in 2021
Still don’t think security should be top of mind for your organisation? Well, how about these statistics to get you thinking. According to a Data Risk Report released by Varonis:
- Over 64% of financial service companies have 1,000+ sensitive files accessible to every employee
- On average, 50% of user accounts are stale
- 38% of all users sampled have a password which never expires
- 62% of breaches not involving an error, misuse, or physical action involved the use of stolen credentials, brute force, or phishing
These are truly alarming statistics and is proof it’s now no longer a matter of “IF”, it’s “WHEN”. It’s time to let go of the “things like this don’t happen to people like us” mindset.
So, to ensure you have the adequate controls in place, watch my latest FastTrack Update, where I take you through the three principles and six foundational elements which will help you build your Zero Trust Model across your organisation.
I’ll sign off with one final statistic – The average cost of a breach is USD 1.76 million less at organisations with a mature zero trust approach, compared to organisations without zero trust.