Tag Archives: data breach costs

Survey Shows Data Breaches Lead to Poor Customer Retention

Data breaches are a common occurrence, with organizations large and small falling victim to online attackers. The impact of a data breach is not just the economic loss of data; a breach also leads to the loss of customer loyalty as well.

Ping Identity recently released the results of its 2018 Consumer Survey: Attitudes and Behavior in a Post-Breach Era, unveiling consumer sentiments and behaviors toward security and brands impacted by data breaches.

Survey Results

The collected data highlights the importance of protecting customer data, with the survey finding that 78 percent of respondents would stop engaging with a brand online after a data breach. Continue reading Survey Shows Data Breaches Lead to Poor Customer Retention

Sandboxing Helps Fight Against Phishing Attacks

bigstock-Digital-Security-Concept-80983148_jpgThe latest data breach research is out, and there are some eye-opening nuggets. According to Ponemon’s research, the average time to detection of a breach is 256 days – more than 8 months!!! The average per-record cost of a breach varies from as little as $126 in the media industry to $215 for financial services and $363 for healthcare… all while the overall cost of breaches keeps climbing and is now at $6.5 million in the US, or $217 per record.

Unpatched Systems are a Favorite Attack Vector

According to a Network World post, 90% of successful hacks are waged against unpatched computers. Since there are various unpatched systems with vulnerabilities as old as 3 years, attackers are using traditional attack vectors instead of spending expensive resources acquiring zero-day-exploit tools and techniques. By compromising endpoints through spear-phishing or malvertising campaigns, they capitalize on unpatched systems to exploit their vulnerabilities.

Use Sandboxing to Supplement Patching

Application patching is a good practice, but with so many applications it can become a daunting task. Therefore, patching is not the only answer in mitigating the endpoint security vulnerabilities. It needs to be combined with some kind of sandboxing application that contains the web browsing user’s experience and closes the zero-day-exploit vulnerability.

Sandboxing is a virtual application running the browser application. When the user is done, it closes and deletes any files that were associated with that session – thus containing and deleting any signs of malware that the user may have downloaded.

Desktop programs aren’t generally sandboxed. You can use virtual machines or sandboxing programs to keep the application from affecting the rest of your system.

  • Virtual Machines. Programs like VirtualBox or VMware create a virtual hardware to run in a window on your desktop and restrict access to anything outside of the VM. VM programs also allow you to revert the operating system back to the previous state before installing any bad software.
  • Sandboxie. Sandboxie is a Windows program that creates sandboxes for Windows applications by creating virtual environments to isolate programs. This is particularly useful for testing software.