With David Grady and Jason GraffWatch Podcast
The reality of data breaches and other cyber threats continues to grow year after year and the only way we know what’s happening and how to address it is through the dedicated work of teams who do in-depth annual analysis of real-world security incidents. The team at Verizon produces the annual Data Breach Investigations Report (DBIR) which has quickly become one of the most respected and helpful security reports published.
The report includes data from real incidents and real breaches, providing insight into what happened, how it happened, and who was responsible both externally and internally. It’s a powerful resource to help organizations of all sizes and in every industry understand their vulnerability to cyber threats. Listen to hear about the 2020 version of the report and discover how the information gleaned through this assessment can inform your security protocols and approaches.
As you can imagine, the healthcare industry is one of the most data-intensive and data-sensitive industries. It is an area that requires some of the highest security measures due to the volume of personally sensitive data that exists within the system. Healthcare organizations are responsible for a great deal when it comes to security.
The reason healthcare is always a big target for hackers and other bad actors is that the data healthcare providers manage is highly monetizable. The intense security required comes down to access control and identity access management procedures, as well as continual monitoring to ensure internal personnel only access data repositories that are relevant to the work they are doing for the organization.
But there are also many external concerns. In the healthcare industry, there exists a complex partner ecosystem that works with shared data. Each partner organization must perform its due diligence when it comes to security so the entire network of partners can be secure. Listen to hear how the healthcare industry has made great strides and where it still needs improvement.
With such a necessary focus on Personal Identifying Information (PII) and Personal Health Information (PHI) it is understandable that in many scenarios, the security of Intellectual Property (IP) falls to a lesser priority. But this year’s report makes it clear that Intellectual Property is a target of cybercrime. When the need to secure IP does finally come into focus it’s usually too late and something has already been compromised or stolen. All industries need to recognize that their IP is just as important to protect as personal data.
One of the things I want to highlight from this conversation is that the data shows that security is an issue at most companies. That’s a reality the C-suite needs to understand because they are the ones who can move security initiatives forward aggressively and ensure that security is a consideration from the outset of every project.
This year’s DBIR will help the C-suite understand…
Listen to this episode to learn how foundational issues such as DDOS attacks, delivery errors, lack of adequate processes and procedures, lack of secure credentials, and weak enforcement of best practices lead to some of the most significant risks. Your security team will thank you for taking the findings of this report seriously.