Digital data risk is a persistent threat to both individuals and organisations the world over. As digital presence cuts across so much of what we all do and who we are on a day-to-day basis, the requirement to retain information in the online space is greater than ever.
As a result, this information is constantly at risk of being ‘breached’ through insecure storage, or indeed of being directly targeted by criminal actors.
This threat is highlighted by a series of relatively high-profile recent incidents that have demonstrated just how vulnerable data is to exploitation through technical means, and which characterise the nature of digital data risk.
The Marriott Hotels data breach, the Twitter Hack, the Zoom password breach, and the MGM Resort data breach have each meant that individuals (and by extension the organisations of which they are a part) have lost control over significant amounts of their data.
Whilst this bears out the clear reality that the great majority of these incidents that affect the general public are data breaches of some variety (hence the widespread interest they generate), it is how different organisations have been able to react to them that has ultimately defined their legacy.
There is, therefore, a clear requirement to have mitigation and response strategies on both an individual and an organisational level. This is best delivered through individual mitigations and having organisations postured to respond. Our organisational response advice will be outlined in another Digital Short in the coming weeks!
On an individual level, this mitigation centres on a few key principles:
Use of a password manager and strong unique passwords
Use of a VPN wherever practicable
Implementation of multi-factor authentication
Use of antivirus
Keep software and operating systems up to date