How to Handle Data Leakage - One of the Top 3 Problems CISOs are Facing

As more aspects of our lives move online and more of us are working remotely, data leakage and data breaches have become a real possibility.

It has become a huge problem for data security. How you handle a data leak is vital.

In this article, you’ll learn what exactly a data leak is, how they occur, the different types of data leak, what to do after a data leak and how to prevent a data leak in the future.


What is a data leak?

A data leak is the unauthorised and often accidental transfer of data from within an organisation to an external endpoint. This transfer could be electronic via the web and email, or physically via USB keys, external hard drives, laptops, etc.

How does a data leak differ from a data breach?

Well, a data breach is when there is a successful cyber attack from an external source to gain sensitive information.

A data leak, however, is from the inside out. It isn’t the result of a cyber attack but is usually the result of poor data security practices or accidental (or intentional) actions (or inactions) by an individual.

They can both result in the same thing though.

Penalties and fines, damage to your reputation, loss of strategic advantage over competitors, loss of sensitive information, short and long-term financial losses.


How do data leaks occur?

Usually by accident is the short answer.

-          Data stored on unprotected devices and databases (e.g., a file saved on your desktop on a non-password-protected account).

-          Mislaid portable storage devices, e.g., USB stick, external hard drives, laptop, etc.

-          Misconfigurations by IT staff. This might be related to remote working, accessing databases, security rules, etc.

-          Employees. This could be careless employees accidentally exposing or sending sensitive data. Or disgruntles employees past and present intentionally stealing or exposing data, trade secrets, product information, etc.

-          System or software errors and bugs.


Leaked data types.

Any data, information or business communications an organisation keeps, can potentially be leaked. And someone, somewhere will find a way to exploit that information.

Some examples of data types that can potentially be leaked include:

-          Customer data

-          Employee data

-          Research data

-          Trade secrets

-          Business communications

-          Sales, products and inventory information

Probably the most valuable information to cyber criminals is personal information that could result in identity theft, such as credit card numbers, bank details, social security numbers, usernames, payment history, email addresses, CVV codes, passwords, etc.

Internal company information is also of interest, especially data held by large companies. This includes internal memos, emails and documents, performance statistics and projections, strategic and other critical business information.

The leaking of trade secrets can devalue products and services and undo years of research. Plans, formulas and designs of products, proprietary software and marketing strategies, can all be catastrophic for a large business.

Analytics and data leakage that show trends, patterns and forecasts can have negative impacts on your business too. Psychographic data, behavioural and prediction data can be used to sway opinions and cause damage to reputations.


What to do after a data leak.

If you do experience a data leak, how you handle the data leak is important.

There are a few steps you should take to ensure you deal with the leak in a structured, yet immediate, way.

-          Assess the size and details of the data leak.

o   What information was leaked?

o   What impact has this had?

-          Secure your IT systems, ensuring more data isn’t lost, e.g. taking computers offline, authorised IT staff to change login credentials, etc.

-          Work through how the leak occurred.

-          Take immediate steps to prevent further leakage.

-          Advise all relevant parties of the leak and/or devise a communications plan.

-          Review your IT systems and processes to identify risk points for potential data leaks.

-          Review all aspects of data security, strengthening where necessary.

-          You may require the help of outside forensic experts and legal advice.


How to prevent data leakage.

Using strong cyber security protections can help you avoid data leaks.

Get advice from the experts, they’ll advise you on the necessary tools, software and strategies. With these tools, policies, advice and guidance you can put together a data loss prevention (DLP) strategy.

This DLP strategy may include the following:

-          Organise your data into categories and protect it according to its value and sensitivity. Who should be allowed to access the various data you store? What can be shared?

-          Regularly assess your risks.

-          Ensure all employees are suitably trained regularly in security awareness and secure data handling practices. They’re often your first line of defence.

-          Review all IT and data storage systems and security.

-          Ensure you are fully GDPR compliant where necessary.


What next?

Data leakage is a real threat, but the risks can be mitigated with the right experience and guidance.

BlueFort Security is an enterprise IT cyber security specialist. We’re experts in what we do, from preventing data leaks and delivering answers to remote access and cloud transformation, to zero trust application delivery, we offer technical know-how and return on investment.

Get in touch with your cyber security requirements and concerns.

Telephone 01252 917000, email, or head over to our contact form.

Most common hacking techniques

Find out the most common hacking techniques

Uncovering the hidden risks of Shadow IT

Do you have full visibility of your WFH applications and tools? Controlling a known risk that’s posing new challenges

The future is a distraction, risk lives in the present.

New ventures and concepts are all well and good for the future of cybersecurity, but what about the present? Guest blog by Anthony D'Alton from Rant Events