Meredith is the CEO ofAutoRABIT, a leader in Salesforce.com DevSecOps and data protection for regulated industries.
Cybersecurity has become a top concern for businesses and organizations in regulated industries. The exposure of sensitive data can have wide-ranging impacts, including a failure to meet regulatory requirements, costly restoration processes, loss of customer confidence and more.
Potential sources for data breaches, exposures and loss are increasingly varied. Something as simple as an accidental deletion by a team member can be incredibly costly. A single minute of downtime resulting from data loss or corruption can cost a company millions of dollars.
Adequate preparation is the only way a business can avoid falling victim to the next high-profile data exposure event. And the best way to prepare for what’s coming next is to learn from the past. SolarWinds, Log4j and Heroku provide very useful context for preparing your environment for the next cyberattack.
SolarWinds, Log4j and Heroku are just some of the recent high-profile attacks in the U.S., but the list continues. Spring4Shell and the LAPSUS$ vulnerability also wreaked havoc, further proving the urgent need for big companies to protect their customers’ data with the strongest data security measures possible.
The SolarWinds hack showed how easily a system could become compromised, even if an organization doesn’t directly experience a data breach. SolarWinds, a technology software firm, experienced a cyberattack in 2020. Due to the fact that SolarWinds was integrated with high-profile companies, the hack allowed attackers to access these companies’ systems, which included extremely sensitive areas of the U.S. government such as the Department for Homeland Security and the Treasury Department, according to Business Insider.
Apache announced a security issue with Log4j, a Java-based logging utility, in late 2021. Every internet-connected device that ran Log4j was susceptible to vulnerability, which was a huge problem for the top-tier companies that used it like Amazon, Oracle and IBM. This was the largest hack of its kind in over a decade.
The vulnerability allowed the execution of an arbitrary line of code by exploiting the Java Naming and Directory Interface (JNDI). Hackers introduced a single string to the log, allowing them to add their own lines of code. This gave them the potential ability to gain full control of a target’s system.
Heroku is a cloud platform as a service (PaaS) that experienced a cyberattack in April of this year. All users of this integration were potentially exposed, leading Heroku to require their users to reset their passwords.
OAuth tokens for GitHub integrations were exposed. From there, hackers may have been able to access the system at large and compromise a token for a Heroku machine account, creating the possibility of downloading data from private code repositories of some GitHub users on the Heroku platform.
A comprehensive overhaul of a data security strategy starts with first assessing the successes and potential vulnerabilities of current tools and procedures. Throughout this entire process, a safe, clean flow of feedback between every department and team is crucial.
An example process to identify potential vulnerabilities may include these six steps.
1. Identify protected data: Scan the system for any data or information that could prove damaging if exposed, such as PII (personally identifiable information), financial information and even certain types of metadata.
2. Audit permissions: Ninety-five percent of breaches are the result of human error. Make sure only those who need access to sensitive information have it.
3. Analyze entry points: Fortify login screens and link third-party accounts to cut off major access points for cybercriminals.
4. Communicate best practices: Strong passwords, knowing how to spot phishing attempts, only accessing company software with approved devices—actions such as these offer large degrees of protection.
5. Assess reporting capabilities: Documentation is essential for finding and stopping data security breaches. Ensure you have access to access logs, login history and other types of security reports.
6. Evaluate backup strategy: A reliable and fully functional data backup is critical after a data loss event. Ensure the backup strategy offers the protection you need.
To avoid being the next company to experience a major data loss, start preparing today. Securing your entry points, ensuring team members maintain mindful practices and employing intentional tools are considered by large companies today to be non-negotiable aspects of a data security plan.
It’s impossible to guess what the next huge cyberattack will be. The only thing we can do is put barriers in place to fortify our technical environments against bad actors.
Learning from previous breaches offers a glimpse into a possible future that we all want to avoid. Use these lessons as a guide to put a proper data security strategy in place and avoid costly and damaging attacks.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?