Data of 200 million Yahoo users for sale on the Dark Web - Expert comment

August 2016 by Brendan Rizzo, Technical Director - EMEA at HPE Security - Data Security

Reports are circulating about a huge data leak of 200 million Yahoo users. This data
is being offered for sale on TheRealDeal dark web market by “peace_of_mind” (aka
Peace). The batch of data is, apparently, being sold for 3 Bitcoins and contains
usernames, passwords and dates of birth. For users based in the United States, the
dump also includes backup email addresses and users’ ZIP codes.

Comments from Brendan Rizzo, technical director EMEA at HPE Security - Data
Security, follow.

“Enterprises need to follow best practices of encrypting all sensitive personal
data as it enters a system. Encryption stays with the data whether at rest, in
motion or in use, so if an attacker accesses the data, they get nothing of value.
The ability to neutralise a breach by rendering data useless if lost or stolen,
through data-centric encryption, is an essential benefit to ensure data remains
secure. Credentials that never need to be recovered in clear form should be strongly
protected with state-of-the-art methods, for example, strong standards-based keyed
hashing.

Hackers will steal anything of value and this story is no exception. Data has high
value to attackers, and even though the information for sale on the black market is
several years old, it can still be used for social engineering attacks for spear
phishing to attempt to gain access to deeper systems with even more lucrative data
that can be monetised directly if stolen.

We have a saying in security: it’s not a matter of if a breach will happen, but
when. Beyond the threat to sensitive data, companies need to be concerned with the
impact a data breach can have on their reputation and, ultimately, on their bottom
line. A data-centric approach to security is the industry-accepted cornerstone
needed to allow companies to mitigate the risk and impact of cyber attacks and other
attempts to get this sensitive information.”

