Cybersecurity insights from 2016 security breaches
In 2016, more than 2 billion records were reported stolen in breaches that occurred the same year and just-discovered breaches from the past. The Identity Theft Resource Center recorded 980 breaches during the calendar year, accounting for millions of stolen high-value records (including Social Security numbers, driver’s license numbers, medical, and financial information). These increasingly common incidences offer valuable cybersecurity lessons that may prevent similar attacks in the future.
Who was at risk in 2016?
Both small and large organizations suffered the consequences of security breaches in 2016. From general medical practices to major online networks, few sectors emerged unscathed. Notable reported breaches included well-known organizations such as LinkedIn, Tumblr, the National Security Administration, Oracle, and Verizon. New information on old breaches at organizations such as the Internal Revenue Service, Yahoo, and MySpace highlighted the true extent of major cybersecurity events.
From simple hacks resulting in the loss of usernames and passwords, to more serious breaches involving protected health information, major security breaches in 2016 compromised the digital and personal identities of millions of people across the world.
Evaluate insights from major breaches
As I review the breach reports from last year, I’ve noticed a few things that stand out as themes. If every business understands its major vulnerabilities and criminal patterns, it can adjust to the current threat landscape. Consider these lessons:
- Employees represent a major vulnerability. Many major breaches begin as crimes of convenience. Instead of using complex attacks on secure systems, criminals target a company’s weakest link—its people. Using phishing and social engineering attacks, typically through email and website activities, criminals easily gain access to entire networks and private records. The best security strategy can go awry if the people who use the network do not protect it. Simple precautions such as strong password management, cautious email opening practices, and restricted internet access can significantly reduce threats from inside the organization.
- All endpoints, including internet of things devices, need security protections. IoT devices—including smartphones, augmented reality tools, sensors, cameras, connected medical devices, and microphones—all need security protections. Breaches can arise from physically stolen devices as well as software vulnerabilities as devices communicate with networks. Encryption, authentication, password protection, secure coding, and pushed updates can increase the security of IoT devices. Incorporate all devices into annual security audits for improved cybersecurity. Stronger IoT security may have prevented the distributed denial of service (DDoS) attack on domain name system (DNS) service provider, Dyn, which affected websites including Amazon and Twitter.
- Online organizations may need redundant DNS providers. Another lesson from the Dyn attack is that DNS redundancies can prevent costly downtime. Companies can improve website speeds and avoid backlash from a breach when they initiate a contingency plan for potentially vulnerable website services providers, including DNS providers. In other words, do not put all your digital eggs in one basket—especially if you rely on online sales.
- A one-time security fix isn’t enough. As criminals evolve, security considerations must also shift. Every security precaution requires routine testing, updates, and support to deliver optimal results. At their best, cybersecurity tools will reduce the risk of an attack, but ignoring the problem is not a viable solution. Ongoing updates should go beyond the scope of regulatory requirements to cover all hardware, software, and user activities. In many of my articles, I discuss the importance of agility in business technology. The concept of agility also lends itself to optimized security practices. Create a culture of change around the best practices available for cybersecurity.
- Never forget security basics. As the cybersecurity market consolidates and evolves to include many all-in-one solutions, businesses can never rely completely on an internal team or an outside service provider. Strong security begins with password protection. Even internet-savvy Facebook founder Mark Zuckerberg fell victim to a hack arising from poor password planning. A LinkedIn hack exposing 117 million accounts featured passwords with simple words or a series of consecutive numbers—some of the biggest no-no’s in password creation.
Following best practices for password protection not only reduces the likelihood of a hacking attack on one account—it can also reduce the likelihood of attacks on other accounts. Create a password guide for your organization, and enforce its use. Anyone with a company login needs to understand the importance of a secure password within the larger security picture.
As 2017 begins, the threat of cyberattacks continues. It is an ongoing battle that every company must fight. Use these lessons from 2016 breaches to strengthen your own cybersecurity strategy and avoid the consequences of a data breach. Every security action adds a layer of protection.