Attack attempts are on the rise, a prevention-based approach has never worked well, and the costs of a breach are varied and extreme.with 446.5 million records exposed. Compare that to 2005 when there were 157 data breaches and 66.9 million records exposed.
When you think about the rippling effects of a data breach, it’s easy to see where this large cash flow ends up. In addition to paying regulatory fines in some cases, businesses are also funneling more money to third-party experts and PR agencies to manage and remediate the situation. All the while, the financial loss is probable as customers and prospects lose trust and move elsewhere for their needs—whether it’s a new bank, health insurer, or retail store.
Within that broader investment, another trend is beginning to make itself clear: prevention is no longer the approach that makes the most sense. Organizations are pivoting to think about what happens after they’re hit.Capital One suffered a huge blow earlier this year. In what’s viewed as one of the, a hacker accessed 106 million customer and applicant records, exposing 140,000 Social Security numbers and 80,000 bank account numbers, among other information.
In the case of the Capital One data breach, the hacker exploited a misconfigured firewall in the company’s AWS environment. This allowed the individual to access the credentials associated with the firewall and then use them to access files in the AWS environment.