2022 was a big year for high-profile data breaches around the world. At the start of the year, a breach at FlexBooker prevented 3.7 million from accessing their scheduling tool accounts. In February, a data leak at the world’s largest semiconductor chip company, Nvidia, took parts of the business offline for two days. Then in September, a Microsoft data breach exposed more than 65,000 companies across 111 countries.
The number of breaches continues to rise, with an estimated 4,100 data breach events publicly reported in total last year. Unfortunately, this concerning trend is set to continue into 2023 and beyond with cybercrime costing as much as $10.5 trillion annually by 2025.
As attacks become more sophisticated, organizations need to take additional measures to prevent data breaches or to minimize their impact if attackers do gain access. Here are three approaches that need to be considered as part of this strategy:
Implementing zero trust
NIST defines zero trust as the concept of minimizing uncertainty in enforcing accurate, least privilege per-request access decisions in a network that is viewed as being compromised.
With this approach, an organization can no longer assume that it can trust everything within a network or within particular segments of the network. Instead, systems must be in place to validate and verify that every user, application, or device within the network can be trusted.
While the U.S. government has made it mandatory for all federal agencies to adopt zero trust by 2024, private organizations should look to implement zero trust too.
An IBM report has found that those in the mature stage of their zero trust deployment had an average breach cost that was $1.76 million lower than organizations not following a zero trust approach. For organizations without zero trust, the average cost of a breach amounted to $5.04 million.
At present, 41% of surveyed organizations across a range of sectors have deployed zero trust security architecture. Those that had reached the most mature stage of zero trust deployment had the lowest costs from data breaches on average. However, even organizations that were in the early adoption stage had lower than average costs.
While achieving zero trust can take time, organizations should not be put off from starting the process. The evidence is clear that even beginning the process of adopting zero trust can start to lower the costs the organization incurs as a result of data breaches.
Effective network segmentation
Network segmentation is a valuable strategy for keeping the network secure. The right segmentation policies will help ensure that if a host gets infected or compromised, the incident will remain contained within a small segment of the network.
It is also an important part of a zero trust strategy and, in the event of an attack, could help to avoid a severe outage that would critically impact business operations. Research has found that organizations that have adopted network segmentation save an average of $20 million in application downtime and prevent five cyber disasters each year.
Following network segmentation best practice can improve the effectiveness of this strategy. For example, minimizing third-party network access or creating isolated portals if access is required will help to minimize the number of exploitable network entry points.
Continuous monitoring for misconfigurations
Our recent study found that, on average, network misconfigurations are costing organizations 9% of annual revenues, amounting to millions of dollars each year.
Another concerning finding from this research was that the true risk of misconfigurations is both unidentified and unquantified by the majority of organizations, with only 4% assessing all their network devices by auditing their switches and routers, as well as their firewalls.
Why is this important for minimizing data breaches? When these devices are configured correctly, they play a fundamental role in preventing lateral movement across the network. However, when compromised, firewalls, switches and routers pose a critical risk to the confidentiality, integrity and availability of data, systems and services.
To accurately detect misconfigurations in these network devices, it is necessary to analyze the device configuration as a single entity to consider interdependencies across the network.
Daily risk assessments are considered best practice, but when these are not achievable due to resource or technology constraints, at the very least, device configurations which have changed need to be checked.
Sampling is known to leave misconfigurations and security gaps exposed. This is where security automation and assurance tools come into play. For instance, Nipper Enterprise automates the process of identifying configuration drift in an enterprise network’s routers, switches and firewalls. Where misconfigurations are detected, it produces risk-prioritized findings and remediation guidance to expedite securing the network, as well as evidence to support compliance assurance with trusted security policies (e.g. DISA STIGs) and RMF controls (e.g. NIST 800-53).
One lesson we can take from 2022 is that data breaches are a continuing threat and costly reality in the digital age. Taking these steps to secure and assure the network will help to prevent and minimize their impact in the year ahead.