DATA ACCESS | DATA LEAKS
Why Do We Still Witness Data Leaks? Sergey Ozhegov, CEO SearchInform, asks what is the problem of modern data security — Technology, approach, or people?
The issue of data security — both personal and corporate data security — has recently scaled up unprecedentedly. Data breaches are steadily increasing, alongside that, so too is the cost of a data loss. According to the global Cost of a Data Breach Report 2023 by IBM, the average cost of a data breach reached an all-time high in 2023 of US$4.45 million. The second highest average cost of a data breach was for Middle East companies (primarily, Saudi Arabian and UAE companies). Meanwhile, according to the 2022 Cost of Insider Threats global report by Ponemon Institute, the average annualised cost for insider incidents accounted for US$15,378,635 in 2022. In addition to data breaches, there are many other problems: data fraud, unauthorised access, work for competitors, and so on. So why is it that all of this is so rampant in the world if the biggest companies and the most talented cyber defenders are constantly working to protect information? Where is the
problem: in the approach, the people or technology? As it happens, it is in all of them.
Inside job
The first cause of growing data leaks is the imbalance between external and internal threat protection. Companies protect themselves first and foremost against external threats: hackers and DDoS attacks, ransomware, phishing attacks, etc. Meanwhile, according to Varonis research, over 90% of data leaks are the result of internal violations, in particular, actions of employees. I should also highlight another study which found that over 72% of UAE organisations have suffered data loss due to internal actions (As cyberattacks get intense, UAE businesses need to think about insurance cover. Babur, 2023). Employees have authorised access to the most critical information, know the IT infrastructure, and understand the security rules and
40 | SECURITY MIDDLE EAST | NOVEMBER/DECEMBER 2023