Data is one of the most valuable assets for a modern enterprise, so of course, it is a target for theft. Data theft is the unauthorised acquisition, copying, or exfiltration of sensitive information typically stored in digital format.
Data theft targets companies of all sizes. The consequences can be significant, ranging from hefty compliance penalties to reputational damage and financial and operational losses.
Data loss over email is a widespread and growing problem – and yet it is entirely preventable. A recent report by Proofpoint found that 75 per cent of IT professionals in the UAE attribute the main cause of data loss at their organisation to careless employees, attaching the wrong files in an email, emailing sensitive data to a personal account, or sending emails to the wrong recipient.
Even as organisations are investing in data loss prevention (DLP) solutions, 94 per cent of surveyed organisations in the UAE experienced data loss in the past year. Almost all (94 per cent) of those affected faced a negative outcome, such as business disruption and revenue loss (reported by 55 per cent of affected UAE organisations) or regulatory violation/fine (47 per cent).
So, what can UAE businesses do to prevent data theft? Taking a proactive approach toward stopping someone from stealing your data is a must. To prevent data theft, it’s important to recognise that bad actors from the outside aren’t the only threat.
Types of data theft
Insiders, like malicious employees, contractors, and vendors, can also steal data from secured file servers, database servers, cloud applications, and other sources. And if they have the right privileges, stealing that data can be a breeze. Proofpoint’s annual State of the Phish report found that 83 per cent of employees in the UAE knowingly put their organisations at risk, potentially leading to ransomware or malware infections, data breaches, or financial loss. The same report found that a staggering 77 per cent of organisations in the UAE experienced a successful ransomware infection in the past year.
Cybercriminals use phishing to target users through email, text messages, phone calls, and other forms of communication. The core objective of this approach is to trick users into doing what the attacker wants them to do, like sharing sensitive data or providing system login credentials. An attacker can also secretly install malware on a network or a user’s computer to steal data or gain unauthorised access to other systems and applications where sensitive data resides.
Adversary-in-the-middle (AiTM) attacks or AiTM is a form of data eavesdropping and theft where an attacker intercepts data from a sender to a recipient and then from the recipient back to the sender. Through this approach, attackers can obtain passwords, IP, private messages, and other sensitive information. Attackers are also always on the lookout for unpatched software vulnerabilities to exploit. These weak spots can provide a door or offer a pathway that leads to unauthorised access to high-value data.
When users access company resources through unencrypted or poorly secured networks, like public Wi-Fi, they can inadvertently expose data to eavesdroppers. Threat actors can also steal devices like laptops, smartphones or external hard drives to gain access to stored data.
Tips for UAE organisations to safeguard from data theft
Businesses in the UAE need a proactive and multifaceted approach to prevent data theft. Implementing strong authentication measures, including strong password policies, like requiring complex passwords and regular password changes, is crucial. Also, where possible, use multifactor authentication (MFA) for access to vital systems and applications.
Conducting regular audits and vulnerability assessments can help identify potential weaknesses in systems and networks and address them proactively. Security audits can also help identify potential insider threats that can lead to data theft or loss. Keeping software up to date is crucial to ensure company operating systems, software applications, and security solutions have the latest patches and updates that address known vulnerabilities.
Following the principle of least privilege (PoLP), which is based on the idea that you can reduce the potential impact of accidental mishaps, intentional malicious activities, or security breaches by limiting users’ access rights, is essential. Companies can set up formal policies to prevent unauthorised access or transmission of confidential information and use a DLP platform to enforce those policies.
Lastly, providing targeted cybersecurity awareness training can teach users to recognise and resist phishing attempts and other social engineering techniques. A combination of people-centric cybersecurity measures and robust regulation will help UAE organisations develop a proactive approach to data theft.
The writer is Senior Director, Middle East, Turkey & Africa at Proofpoint