Blog | Digital Risk Protection

Startups and Small Businesses: Targets for Data Leakage

Written by Andre Luiz R. Silva | Oct 25, 2019 5:43:13 PM

Much is being said about the worldwide growth of the Internet, but yet another statistic that deserves attention is the increase in the volume of data. In 2025, 175 zettabytes (ZB) are expected to be produced. That’s 175 trillion gigabytes! 

This prediction, released by the International Data Corporation (IDC), is more than five times the volume of data in 2018, which totaled 33 ZBs. What, then, does all this tell us? That we live in the era of big data, of course, but mainly that there is a trend toward placing great trust in that data. 

It’s therefore no coincidence that leakage of that information is affecting even giants like Facebook. Added to that is the worldwide trend toward data protection legislation and a shift in the way that cybercriminals work, zeroing in on startups and small businesses.

 

Why has data leakage reached startups and small businesses?


As obvious as the popularization of the Internet is, the truth is that most businesses prioritize the speed of processes—especially in the digital era. And that, unfortunately, applies to cybersecurity as well. With all this user-friendliness, systems and technologies are being connected to external databases at a frenetic pace. 

Therefore, the scarcity of time for tests and precautions results in low security levels and creates exposure issues for databases and internal networks. Without full awareness of the dangers and lacking robust risk management, the probability increases that small businesses will suffer data leakage. After all, this whole scenario can still be very new to those who have so many other business concerns to deal with.

An October 2019 survey by the Ponemon Institute in conjunction with Keeper Security attests to that fact. While 54% of the small- and medium-sized companies interviewed in 2017 had suffered data leakage, the current figure has jumped to 63%. 

The same survey pointed to other worrisome data: 70% of companies do not have a full understanding of the third-party apps that they’re using to share information.

Another interesting fact: 55% of those interviewed indicated that a third-party app was the cause of their data leakage. But the most prominent villain, cited by 63% of those interviewed, was employee or supplier negligence.

The primary reason for all this, aside from the pressure to deliver products faster, is the lack of trained personnel (cited by 77% of the businesses). In any case, data leaked from those companies is out there—and in this data-driven era, the problems tend only to intensify.

 

Be aware of vulnerabilities and third-party access 


In order to reduce data leakage risk, your first thought should be to launch an awareness campaign and implement good password-protection practices (using symbols, two-factor authentication and data managers). 

Also, know that hackers are the primary threat to your data channels. And some hackers do, in fact, employ sophisticated techniques such as formjacking and SQL Injection that can catch companies off guard. Verizon has already demonstrated that. A recent report indicated that 52% of leaks originate from hacking.

But some of the other data is also quite striking, since it was generated, or occurred, outside the company’s environment: 32% of data leaks involve phishing (that pilfers employee data, for example), and another 29% use leaked credentials.

Thus, the use of third-party apps (and the trust placed in them) shows how the environment outside the company can be filled with digital risk and data leakage. Yes, it seems like things just get worse. But there is a way out!


Monitoring and response: the support that can be crucial

Understanding that in six years we will reach 175 ZB, you can imagine the volume of data that will be “loose” out there—unless its custodians are enabled to truly ensure a good level of security. Therein lies the importance of monitoring not only your environment, but also leakage of your data through third parties.

Being proactive in finding and removing leaked data is an important factor, but still little understood. According to data from IBM, the average time it takes for a company to contain a data leakage situation is 6 months and 17 days.

Axur’s digital risk monitoring and response can help you. Whatever your company’s size or budget, our thousands of bots and machine learning techniques can find and remove digital risks, including data leaks.

Find out about our solutions for data leaks and Hashcast, and get access to practical, effective protection plans that work 24/7 against data leakage.