Why You Should Be Skeptical About Sensational Cybersecurity Headlines

Did you hear about the recent data breach that exposed 16 billion passwords for logins, including social media accounts, virtual private networks, and corporate tools? While the breach is bad, yes, the truth of the matter is that the situation may be misleading, at least on the surface. 

Let’s take a look at why and learn a few lessons in the process.

16 Billion is an Aggregated Number

Cybernews, the outlet that originally covered this story, has been tracking numerous datasets of breached credentials all throughout this year. Some of these datasets contained tens of millions of credentials, while others reached up to 3.5 billion. The figure actually represents the total impact of those breaches when they are combined.

Much of this is old news in the first place, too, as much of this data is from years ago. Plus, some of it overlaps, which means that it’s not entirely accurate.

This Fact-Twisting is Misleading

It’s one thing to increase awareness of a problem and another entirely to sensationalize old news.

Yes, 16 billion passwords, sans duplicates, were stolen at some point, which suggests that security practices could be improved. But when you lump them all together, it gives the impression that cybersecurity efforts are meaningless, as they’ll just get stolen anyway. That message doesn’t help anyone, and it doesn’t do anything to solve the problem.

These exaggerations also undermine the trust people have in reporting agencies; when data breaches happen all the time, it becomes the norm, which is not the mindset we need people to approach cybersecurity with.

Still, Exposed Business Credentials are a Serious Problem

Data leaks could have significant impacts on businesses and organizations, including the following:

Financial Loss

Data breaches cost your business money. You have to investigate the cause of the breach, figure out how it occurred, and notify your clients or anyone else involved. You can expect legal fees as well, as you’ll likely get fined by a regulatory body.

Damage to Reputation

It’s not a good look when your business suffers a data breach. Clients won’t trust you anymore, and new customers will be hesitant to sign on if they don’t feel like they can trust you with their data.

Business Disruptions

You can expect downtime and other challenges to productivity when you’re experiencing a data breach, especially when remediation and recovery efforts are involved.

Legal Consequences

Certain industries are subject to regulatory bodies that govern how data should be handled. If you fail to adhere to security standards expected of your chosen industry, you can expect to be slapped with fines and other types of legal action.

Customer Impacts

Your customers will be affected by a data breach as well, depending on how much data was involved. They could have their personal information stolen, their accounts taken over, or become the target of phishing and social engineering attacks.

Here’s How to Protect Your Business from Data Breaches

Want to keep your business safe from data breaches? Here’s what you can do on both the organizational level and the individual level:

On the Organizational Level:

• Establish an incident response plan to be ready to handle any breaches as they come.
• Implement comprehensive network security measures, including firewalls, intrusion detection, and network segmentation.
• Train every member of your organization to identify and report any suspicious activity or social engineering attempts.
• Limit access to data and other resources to only those who need it for their roles.
• Encrypt data while it is being stored and transmitted.
• Review your vendors to ensure they are following secure practices.

On the Individual Level:

• Reinforce good password practices, supported by the use of a password management tool.
• Add multi-factor authentication (MFA) to layer security protections.
• Use trusted cybersecurity tools to review existing accounts and identify any with compromised security.
• Keep software updated to resolve security vulnerabilities.
• Stay cognizant of phishing and other signs of attack.

We’ll Help You Keep Your Data Secure

Suffolk Computer Consultants might not be able to do much about the way other companies and services handle your data, but we can ensure that you’re doing all you can to protect your in-house resources. Call us today at 631-905-9617 to learn more.