What is a data breach? Tips for data breach

Author: David Grady

Do a web search for “data breach” news, and there is no shortage of headlines about new breaches. Sensitive data—from financial records and login credentials to personal healthcare information—are all too often accidentally or deliberately exposed. The liability, privacy and trust consequences of a data breach can be severe for an organization. This article offers a brief orientation on reducing the risk of data breaches and resources for further reading.

What is a data breach?

The Verizon 2020 Data Breach Investigations Report (DBIR) helps answer the question “What is a data breach?” by defining a data breach as “an incident that results in the confirmed disclosure—not just potential exposure—of data to an unauthorized party.” Data breaches may involve human actions, hardware devices, exploited configurations, malicious software—or a combination of all these factors. But note that a data breach is not the same thing as an “incident.”

Why does it matter what you call it? As data privacy compliance regulations tighten, knowing the difference between a data breach and an incident could save an organization millions of dollars in fines and reputational damage. For example, while many people think that traditional ransomware attacks are data breaches, the DBIR classifies them as cyber incidents. That’s because the data is encrypted, not stolen and disclosed. A ransomware attack only becomes a data breach when the victim’s data is dumped publicly, sold illegally or used to steal credentials.

To better protect your network, it’s important to be able to spot the signs of a data breach. For more information on how to do this, read Overlooked Signs of a Network Data Breach.

Tips for data breach prevention

People, software and devices are the landscape of your cybersecurity posture. While they all can be vulnerable, they’re also part of your solution to reduce data breach risk.

Below are some best practices for data breach prevention.

  • Educate all authorized users on security policies and best practices. That means everyone from rank-and-file employees to the C-suite, and even third-party vendors as appropriate. Depending on your industry, it can be especially important to educate users on preventing social engineering attacks like phishing.
  • Patch and update software as quickly and frequently as possible. When security patches and updates are available, apply them as soon after release as possible. They address vulnerabilities that attackers often exploit.
  • Upgrade and replace obsolete network elements. Make sure you have a full IT inventory. Software and hardware that are no longer supported by the manufacturer can make your network vulnerable.
  • Limit access to and encrypt sensitive data. Sensitive data should be available only to those who need access to it for their jobs.
  • Implement bring-your-own-device (BYOD) security and an Acceptable Use Policy. Require all devices to use an approved VPN service and antivirus protection.
  • Enforce strong credentials and multi-factor authentication. This extra layer of security encourages better user cybersecurity practices.

For more answers to the question “What is a data breach?” and more tips for data breach prevention, read Security posture FAQ: know your cyber risk.

David Grady is an ISACA-Certified Information Security Manager (CISM) and Chief Cybersecurity Evangelist at Verizon Business Group.