Tag: data breach (Page 1 of 4)

rnc data breach web security best practices

The RNC Data Breach: Pitfalls of Neglecting Web Security Best Practices

In a recent security report, researchers revealed an unsecured archive of US voter data collected by Deep Root Analytics, a data firm connected to the Republican National Convention (RNC). The exposed data — which included full names, addresses, and phone numbers of 198 million registered voters — was uncovered by a security researcher in an internet-accessible database with no password protection or any other security measures. The database has been secured at the time of this writing, but it remains unclear how long this data was exposed to the internet.

It may be easy to assume exposures of this nature are an inevitability. After all, a data analytics firm associated with a major political party sounds like a clear target for bad actors. However, the data was discovered by a researcher performing unrelated searches through Amazon’s S3 infrastructure for any unprotected data, not targeted attacks against Deep Root Analytics or even voter data in particular. This fact underscores a critical necessity of the Internet: prioritize the security of your data at all stages of its life cycle. Your data needs to be secure where it’s stored, during network transit, and when it’s in the hands of third parties. This data leak in particular was the result of the RNC failing to properly ensure the security of their data in the hands of a third party contractor.

In this era of automated site crawlers and widely published application vulnerabilities, it’s important to remember that any website on the internet is a viable target for attackers. Ensuring proper security practices should be a vital step in the development of any website or application, no matter the size. If you must share data with third party contractors, confirm that their practices meet or exceed your security standard. If you’re working exclusively within your own organization, it’s still important to cover your bases during the development process.

Web Security Best Practices

Here’s a few things to keep in mind:

  • Password-protect any data you don’t want the public to access.
  • If you’re using a third party application, like WordPress or Magento, it’s important to keep these applications up to date at all times. Outdated web applications commonly include widely-known vulnerabilities that can be used to launch attacks on your site.
  • If your site is custom-coded, ensure that you (or your developers) are implementing adequate input filtering to prevent common attacks, like SQL Injection and Cross-Site Scripting.
  • Make sure your employees are prepared for “human attacks,” like phishing and social engineering.

Outside the scope of your company’s internal security policies, additional security measures are a great added line of defense. A large portion of website compromises are delivered by malicious bots, many of which can be turned away by web application firewalls. Additionally, malware detection by SiteLock® SMART™ is an invaluable way to identify cases when breaches do take place, allowing your team to take defensive action much more quickly than you could with only manual detection. Unfortunately in many cases, website owners are unaware they’ve been hacked until their site is defaced, suspended, or blacklisted.

Regardless of the size of your organization, keeping a proactive security protocol in place is essential to your ongoing success. Don’t do the bad guys any favors by leaving the door unlocked, no matter how unlikely you think it is that they’ll find it.

The Ballooning Cost of Cybercrime

The legal industry finds itself in the upper echelons of companies when it comes to the fiscal impact of a cybercrime. However, many are ignoring this risk. According to the American Bar Association’s (ABA) 2015 Legal Technology Survey, about half of firms said they had no response plan in place to address a cybersecurity breach.

Furthermore, Cybersecurity Ventures predicts the costs associated with a cyberattack could balloon to $6 trillion globally by 2021. To put that in perspective, if cybercrime were a country, the number would represent the fourth highest Gross Domestic Product (GDP) in the world.

To better understand the costs associated with cybercrime it is helpful to group the expenses in two buckets, direct and indirect.

Read More

SiteLock cloud-based security solutions

A Business Case for Website Security

Every business understands their website is a vital building block to establishing an online market presence. However, when it comes to website security, few understand the need or simply feel their company is not at risk.

To make a business case for web security, one must define the target, detail the impact of a hack, outline the mitigation cost and examine any additional benefits of proactive website security. This article will examine those areas to help assist in making a business case for cybersecurity.

Read More

SiteLock Election Infographic

Is Your Voter Data Secure? [Infographic]

Regardless of whether you’re a registered Democrat or Republican, your voter data could be in jeopardy of being compromised by cybercriminals. This election cycle has brought on attacks in 20 states, leading to two successful data breaches. Learn why 34 percent of voters believe this election will be or has been hacked.

Read More

sitelock ecommerce blog

The Basics of eCommerce Website Security

Talking about cybersecurity is equivalent to addressing the elephant in the room. It needs to be addressed, but the issue often gets pushed to the backburner. Studies show that 70 percent of Americans shop online at least once a month. However, over 30 percent of consumers say they hesitate to make those purchases due to security concerns, like credit card data theft.

As an online retailer, it is time to address the elephant in the room by addressing your customers’ fears. To get you started, we cover four basic—yet essential—tips to protect your eCommerce site.

Read More

The Cost of a data breach

Calculating the Cost of a Data Breach [Infographic]

The cost of a data breach is rising globally. Learn how different countries and industries are impacted when they’re hit with one.

Read More

Social media data breaches

Cybercriminals are Oversharing with Social Media Data Breaches

It’s been a busy time for data breaches in the social media world with Myspace, LinkedIn and Twitter all experiencing them. In each of these cases, the cybercriminals behind the breaches were after usernames and passwords. The most commonly used passwords today are, “password” and “123456,” and it only takes a hacker .29 milliseconds to crack them.

Read More

Healthcare data breaches

Healthcare Data Breaches – A Growing Epidemic [Infographic]

More than 90% of healthcare organizations experienced a data breach over the past two years. This could be because health information is 50 times more valuable on the black-market than financial information. Let’s find out why…

Read More

A Data Breach in Turkey Exposes over Half of its Citizens

It is hard to image that over half of a country’s population could fall victim to a data breach, but the reality is, no one is exempt from cyber attacks.

The country of Turkey was hit with a massive data breach in early April 2016, exposing 50 million of its citizens. With 80 million people living in Turkey, the leak impacts more than half the country’s population. The leaked data included the names, addresses, birth dates, and national identification numbers of the victims. The cybercriminal has not yet been identified, but it appears the hacker was motivated by political issues and used the data breach as a way to declare his dissatisfaction with certain political figures.

Read More

protect your data keyboard

Avoid a Security Breach with These Easy Tips

With 52% of security breaches being caused by human error, it is important to recognize that one of your employees could inadvertently be the cause of your company’s next data breach. This month, SiteLock is supporting Data Privacy Day on January 28, 2016 in an effort to create awareness around the importance of privacy and protecting personal information.

Educating your employees is key to preventing a breach, so here are some best practices to get the ball rolling:

Read More

Page 1 of 4

Powered by WordPress & Theme by Anders Norén