
Take these Five Steps to Really Mitigate your Data Breach Risks

Data breaches are a CSO/CISO’s worst nightmare. And they’re getting bigger and more damaging all the time. It’s no longer just hundreds of millions of users whose personal data is stolen at a time, but billions of users. That’s translating into ever-growing financial repercussions.

The irony, however, is that companies aren’t investing enough in data security to let them sleep soundly. Less than 20 percent of CISOs believe their organizations are effective at breach prevention, according to a 2018 survey by the Ponemon Institute. And 78 percent of enterprises admitted to a breach in the last year, according to the CyberThreat Defense Report 2019 (download here).

Preventing data breaches requires more than hardening your network perimeter. Insider threats are just as insidious, due to the constant threat of hijacked user accounts. And traditional lockdown security approaches do nothing to combat such threats, while slowing down and frustrating your employees and customers.

In other words: when it comes to data security, businesses can’t afford to do business as usual.

I recently had a conversation on the topic “Best Practices for Mitigating Data Breach Risk” with Brandon Dunlap of the International Information System Security Certification Consortium, or (ISC)².

In our webinar, we talked about the five realistic steps that your enterprise can take to reduce your data breach risks. They include:

  • Discover and classify sensitive data
  • Assess risk around data and decide whether to keep or delete
  • Monitor data activity – answering the 5 W’s and H
  • Detect the REAL threats to your data
  • Protect and respond — stop risky data activity

Check out the webinar on BrightTalk here, where I share how to implement these steps. And coming soon — a white paper that also discusses these five steps in more detail.