Recent Capital One breach could have been avoided

Reportedly, more than 90% of all data breaches are preventable in 2019.
Salam Yamout, the Internet Society's Middle East regional director
Salam Yamout, the Internet Society's Middle East regional director

Share

The Capital One incident is the latest in a string of high-profile, high-impact data breaches. In this case, the hacker gained access to users' information by exploiting a misconfigured web application firewall - something that could have been prevented.

Events like these serve as a grave reminder that companies holding personal and sensitive data need to be extra vigilant.

Good data stewardship is something everyone in an organisation should strive for. It should not be left just to the C-suite or the IT security team. Basics such as the use of strong passwords, multi-factor authentication and keeping software updated would prevent a significant percentage of all cyber incidents.

While its effects are damaging, leading incidents such as these are instrumental to teaching important lessons:

  1. Only collect and retain data that has a business purpose for as long as it is required.
  2. Have plans to reduce the impact of an attack. This can be done by incorporating training to help prevent, detect mitigate, respond and recover.
  3. Organizations need to regularly review their procedures for data storage and collection as security and privacy are not absolutes. They must evolve with changing technologies and regulations.
  4. Security is beyond an organization's peripherals. A risk assessment prior to parnerships with external business partners or service agreements should be made with periodic re-assessment.
  5. Build trust through trasparency ensuring that everyone ranging from customers, board members and important stakeholders are informed of an incident with regular updates.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.

Editor's Choice

Emerson expands analytics platform for industrial enterprise-level wireless infrastructure management
Plantweb Insight platform adds two new Pervasive Sensing applications that manage wireless networks more efficiently with a singular interface to the enterprise
Digitalisation seen as a competitive advantage by Middle East private businesses
Nearly 80 per cent of private business leaders acknowledge that digitalisation can impact business sustainability
Etisalat introduces Multi-Access Edge Computing architecture delivering best-in-class video streaming performance for 5G networks
MEC architecture achieves performance gains of as much as 90% in video streaming, validating how ultra-low-latency applications will be delivered over 4G and 5G networks

Most popular

Don't Miss a Story