May 2021 - Descasio

Five Efficient Ways of Preventing Data Breaches

We all get reminded of the importance of data security when reports of organizations losing millions to data attacks make the headlines. Based on recent reports, these attacks seem to be increasing rapidly. According to 2021 Data security report by Deloitte, SMEs, health institutions, public, private, financial, and non-financial institutions in Nigeria suffered massive hits from cybercriminals towards the end of last year and are expected to experience more of such attacks with higher magnitudes this year.

Major contributors to this have been the increase in mobile penetration in Nigeria and the adoption of new IT solutions which when not properly managed could create a premise for cyber-criminals to launch more attacks.

While some organizations still bear the notion that they are too small to be targets, others are learning to embrace the truth that data security should be a priority for every organization regardless of their size.

Data breaches, no matter how small, can ruin business processes and make customers doubt the credibility of an organization’s systems. Hence, Organizations today are expected to be strategic and practical about their approach towards securing their data. While this might sound like a huge task to take on, there are simple steps that organizations could take to strengthen their security posture.

These are five efficient tips for preventing your business from data breaches.

Make preparations ahead of time.

The most important step to preventing a data breach is to set up a defense before the attack is initiated. Making preparations ahead of time could involve carrying out a periodic vulnerability assessment to verify which of your assets are vulnerable to attacks. This will then inform the decision to tighten up loose ends that could be exploited by malicious actors. Preparing should also involve setting up a data recovery system to ensure that lost information can be restored in the event of a successful attack.

Avoid clicking unknown links

One of the most popular methods of launching cyber attacks is called phishing. It involves the use of a malicious link embedded into an email that is feigned to be sent from a reputable organization. This technique is usually used to steal sensitive data like credit card and login information or to install malware on the victim’s machine. A 2019 report by Verion established that 78% of cyber-attacks involve phishing. So, as simple as staying your hands and having a second look might be, it could go a long way in saving you and your company.

Educate your staff on security measures

Hold periodic training sessions on preventing data breaches with your team. Ensure to bring up point number two in those meetings and emphasize it. Ensure that each team member is up to date on security and privacy rules. Remember that you are just as strong as your weakest line of defense. It might take a while for the information shared during these sessions to stick. So, ensure to make the training sessions periodic.

Update software regularly

Updating your software on time could make your network less vulnerable. You can be on the lookout for updates or use products like Microsoft Baseline Security Analyzer to confirm that all programs are up to date. This is a cost-effective and easy approach to preventing cyber-attacks.

Employ the service of a security optimization agency

With a security optimization agency, you can leverage the expertise of a team of industry specialists in managing security issues and maintaining a more secure posture in the cyber world. Let them focus on the work of keeping you safe, while you focus on your revenue generation and expansion goals without worry.

Want us to take care of your data security needs, send us an email @hi@descasio.io contact us on 01 912 5048.

4 Min. Read/May 20, 2021/by Team Descasio

Digital Transformation

5 Major Causes of Data Breaches

Somewhere around the world, someone is punching their keypads real fast, or maybe slow – although I really like to picture it fast like in the movies – and here’s what they’re doing. They’re writing up codes and setting up malicious links just so they can slide behind your online security and steal away your personal data or that of your employees, or clients. Sadly, with new techniques, hackers are able to do this without raising any suspicions.

Now the big question is, how can you stop this? Here’s our answer to that. You first need to know what the major causes of data breaches are. How do hackers get in? Who or what can give them entry? Providing answers to these questions will help with creating a line of defense against attacks on your data. To help you with that, we compiled a list of top causes of data breaches and we’re going to share it with you in this blog.

Here’s our shortlist of top causes of data security breaches.

1. Weak passwords

You should be a little familiar with seeing those two words side by side. Basically, 90% of sign-up pages give you that “weak password” notification when you attempt to register a short and simple password. Bless the heroes behind those pages. Some even go as far as stopping you from moving to the next page until you create a strong password. However, some other pages give easy passes and we embrace it to our own disadvantage.

Weak passwords create a loophole in your security system and hackers are always ready to exploit that vulnerability.

2. Human Error

According to a Statista report, human errors are the second most popular cause of data breaches. Another report by Verizon revealed that one in five incidents are often caused by a mistake made by an employee.

Human errors could involve sending private information to the wrong recipients. It could also involve leaving a database of information online without any password or restriction. On this note, you might want to ensure that when using software like Google forms or sheets to collect user info, only a few trusted people can access the form. It’s a lot safer to give authorization to a few people within your organization than to make the form available to anyone with the link.

3. Misuse by authorized users

This might sound like a repetition of the previous point but it’s not. The major difference here is that this is usually intentional. Employees who have grudges with their organizations often seek to get back at them and see leaking company data as the best way to do that. In other instances, it might not be as a result of a grudge. However, employees can stumble on some inside information and decide to share it with an outsider for different reasons.

4. Malware

Fun fact; malware is a mix of two words – malicious and software, just like ransomware is a mixture of ransom and software. There are different types of malware and they can be used for different purposes. One prominent type is called RAM scrapers and it is used to scan the memory of devices to collect sensitive information.

POS systems are particularly vulnerable to this type of Malware and this could lead to huge financial losses as a result of the compromise of financial data.

5. Hacking

Sitting at the top of the chart for causes of data breaches is hacking. 45 percent of data breaches are attributed to hacking. It encompasses many activities like phishing or social engineering, ransomware injection, and so on.

You can’t prevent hackers from attempting a data breach but with a proper security system set up, you stand a good chance of safeguarding your data from them or at the very least, recovering stolen data.

To find out about the strength of your security system and optimize for a better chance against threats contact us for a cyber threat vulnerability assessment today.

4 Min. Read/May 12, 2021/1 Comment/by Team Descasio

Digital Transformation

Top Reports on Data Security Issues in 2020

Just like we have natural disasters and several other hazards in the physical world that we live in, there are also several hazards in the partially non-physical world of technology that we humans have succeeded in creating. Today, data security happens to be chief of them all.

Data security has been an issue in the tech world for years longer than our fingers can count. It first became a significant concern in the 1980s. The first set of viruses was the result of an error within an algorithm with the ability to replicate itself. After studying the error, tech geeks were encouraged to explore their new findings and it soon became another aspect of computer programming. Aren’t we unbelievable?

Years down the line, more harmful viruses have been created and hackers have developed new techniques for deploying these viruses into systems very easily.

The year 2020 was undoubtedly a year like none other before it. The world was plagued by a pandemic that took the lives of thousands, forced us behind doors, and crippled our economy. But, if you thought for a second that these sad events were enough to make hackers take some time off, well, think again.

Right in the middle of the pandemic, hackers went all out to set new records for malware attacks and data breaches. Here are some of the reports on data security issues in 2020;

Over 37 billion records were exposed due to data breaches

A reported total of about 3,932 data breaches occurred during the year. This led to the exposure of over 37 billion private and business records comprising email addresses, financial information, and others at the end of the year.

Global losses from cybercrime skyrocketed to nearly 1 trillion

According to a publication in the Washington Post, McAfee estimated the global loss from cybercrime and data breaches to be worth $945 billion in its 2020 report.

Nigeria was one of the top African countries that witnessed cyber attacks.

Bringing it home, Nigeria was one of the top African countries to witness malware attacks during the year. Over 3.8 million malware attacks were launched at individuals and companies in Nigeria while over 16.8 million potentially unwanted applications were also detected on systems during the first 7 months of the year.

Zoom, Twitter, and Nintendo were part of top tech companies that fell prey to attacks

On July 15, Elon Musk, Barack Obama, and Bill Gates all shared a tweet with the same content. Or did they? The tweet read “I’m giving back to the community. All bitcoin sent to the address below will be sent back doubled! If you send $1000, I will send back $2000. Only doing this for 30 minutes,”. Well, if you ask me, that doesn’t really sound like any of them. However, the message reached over 350 million people and resulted in a recovery of £86,800 in stolen ‘donations’ within hours. Nintendo and Zoom also had their share of attacks both leading to loss of data.

Online crime increased by 400% in May 2020

As people sought safety information and organizations hurriedly implemented new work from home arrangements, hackers were presented with the perfect opportunity to launch attacks on those with little or no knowledge of data security measures.

Google blocked 18M malicious coronavirus emails on a daily basis during the pandemic.

Sounds like a huge number, but for hungry cyber frauds, it certainly wasn’t. Hackers attempted to use people’s worst fears at the time to lure them into traps. According to Google, some of these fraudulent emails impersonated government agencies like the World Health Organization (WHO). These 18 million malicious emails were asides from 240million COVID-related spam messages that Google was tracking on a daily basis.

With cybercrime attempts and resulting losses on the rise, both individuals and organizations need to be more intentional about investing in data security. Don’t take chances with your business, contact us for a cyber threat vulnerability assessment today.

4 Min. Read/May 5, 2021/by Team Descasio