The Physical Side of Data Breaches
3 Things to Know About Data Breaches
1. 15% of all cyber attacks have a physical component to them
2. The average cost of a data breach in 2017 was $7.01 million
3. AI-powered video analytics can augment physical security operations to reduce breach frequency
According to one study, the average organizational cost from a data breach in 2017 was $7.01 million. But did you know that 15% of all cyber attacks have a physical component to them. Of course, there are stories of exotic and exciting methods used to gain physical access or proximity to a company’s critical servers and information centers, but the primary ways a physical component is involved in a data breach is spectacularly mundane. And while AI-based solutions can take care of the enhanced methods deployed (like dropping a drone armed with a data grabbing device on a roof ), converting the company’s existing camera network, and its corresponding centralized monitoring station, into an AI-powered real-time monitoring tool, will cut out the 15%, saving the company millions in losses.
This blog is excerpted from our White Paper, “The AI (R)Evolution of Enterprise Security“
In his article, “The Compelling Case for Unifying IT and Physical Security,” Thomas L. Norman details story after story of data breaches involving a malicious actor physically involved in the process. One such incident is the Veteran Administration’s (VA) data breach that put 26.5 million veterans personal information at risk, including their social security numbers. Was it a blackhat hacker group who gained access through a crack in the VA’s cybersecurity? No, it was much more boring than that. A data analyst took material home from work, violating the VA’s policy, and the material was then stolen from the analyst’s home. A video analytics solution which allows customers to customize their analytics could be trained to detect when, for example, laptops containing sensitive information are removed from an office.
Additionally, disgruntled or careless employees account for many of the most well-known data breaches in recent memory. The NSA’s data breach is believed to have happened because someone was able to gain access to areas where critical information was stored, and later simply walked out of the front door with a USB drive full of secrets.
Some considerations for shoring up cybersecurity through a more robust physical security plan:
- Maintain an exhaustive and continuously updated approved outside vendor list, verified through face identification. It is not enough to merely have a credential waved casually in a security guard’s face in order to gain entrance into a company’s facilities. The risks are too many and too varied, and the costs of incidents too high to not know who is gaining access to critical areas of your facility.
Companies should have an exhaustive list of employees who are allowed inside areas that house sensitive information—be it a room, section of a facility, or a whole floor. As large corporations construct beautiful new buildings, in order to provide more enjoyable workspaces and public areas for customers and visitors to move about, the possibility of unwanted access is only heightened. If an employee is detected in an area they are not allowed into or trying to enter said area, doors should be locked, alerts sent out, and security guards deployed. Rather than stationing guards at every door and entry-point, leverage the camera’s all-seeing power through video analytics.
Lastly, recently fired or disgruntled employees are routinely left with access to the buildings after they’ve been let go of or put on suspension. These individuals should not merely be expunged from the access lists but should have their faces added to a list of potential threats to safety. Brian Hill of Computer Forensic Services gave a talk at the 2017 Midmarket CIO Forum, where he said one of the major threats to cybersecurity is the employees themselves, whether they are terminated or resign, they can create backdoors for themselves to be taken advantage of later. Hill said, “In one major county in Minnesota, thousands of employees never had their credentials revoked when they resigned or were terminated. It was in the policy manual, but no one was actually doing it. This led to obvious, major, security risks.”
Just as many IT security professionals use behavioral analytics to identify suspicious online activity patterns on their networks, an AI-powered video analytics solution can learn the normal behavior and movement patterns of employees. Does “Mike” normally try to access the server room at 5:49 PM on a Friday? In fact, has he ever accessed the floor that the server room is found located on? Or, is Mike the janitor and, in fact, accesses the server room once a day to empty a garbage can inside, which only takes an average of 30 seconds, but, today Mike was inside the server room for five full minutes? Security should and can be alerted.
Protecting against data breaches and IP theft is paramount to the long-term success of the modern enterprise. Data breaches not only cost the company in financial terms but in reputation and image. And some companies never recover. All of the above recommendations can be incorporated into a company’s security operations through a comprehensive AI-powered video analytics solution integrated directly into the company’s existing camera network and VMS.
Subscribe to the blog!
Leave a ReplyWant to join the discussion?
Feel free to contribute!