Data Breach Kit: The Ultimate Guide on How Large Enterprises Can Prevent a Data Breach

GUIDE | DATA BREACH KIT
Data Breach Kit
The Ultimate Guide on How Large
Enterprises Can Prevent a Data Breach
Large Enterprises Are Top Targets For Cyber Criminals
Five Factors Why Enterprises Are Susceptible To Data Breaches
- Infrastructure Complexity
- High-Value Targets
- Resource Constraints
- Human Error and Insider Threats
- Supply Chain Complexity
How Do Data Breaches Happen?
- System Intrusion
- Basic Web Application Attacks
- Social Engineering
- Miscellaneous Errors
- Privilege Misuse
What Do Cybersecurity Agencies Suggest?
- Privacy Laws
- Industry-specific Security Laws and Standards
How Large Enterprises Can Prevent Data Breaches By Addressing Breach Patterns
- A Layered Approach
- Layer 1: Email Security
- Layer 2: Security Awareness Training
- Layer 3: Endpoint Detection and Response (EDR)
How VIPRE Can Help
Large Enterprises Are Top Targets For Cyber Criminals
Suffering from a data breach has become
as real as being robbed on the street. The
main difference is that an organization’s
data breach may cause a loss of clients
and reputation in addition to monetary
losses.
According to the World Economic Forum 2023 Global Risks
Report [1], cybercrime and cyber insecurity are among the top 10
short- and long-term global risks. Large enterprises are the most
likely to be targeted, and when they are, the cost is much higher
than for other businesses.
Financial, health, and intellectual data are the most likely
categories of data to be stolen. This determines which
industries are most vulnerable to cyber-attacks. According
to the IBM 2023 Cost of a Data Breach report [2], the top five
sectors experiencing the highest costs are:
• Healthcare
• Financial
• Pharmaceuticals
• Energy
• Industrial
Additional industries, such as technology, transportation,
communications, education, retail and public administration
also face the risk of inside or outside attackers breaching their
data. All of them are listed in the top industries targeted by
cyber-attacks in various reports.
The IBM 2023 Cost of a Data Breach Report indicates
that the global average total data breach cost reached
USD 4.45 million, marking a cumulative increase of
15.3% since 2020. These costs include:
• Activities to reasonably detect a breach.
• Notifying affected individuals, data protection
authorities, and other third parties.
• Post-breach communication and redress activities.
• Lost business opportunities and revenue due to
system downtime.
Besides the tangible costs, enterprises must account
for the hidden costs of a data breach, such as the time
required to clean up the mess, the emotional, mental,
and psychological impact on their employees [3], and the
efforts required to rebuild trusted relationships with
customers, partners, and suppliers.
[1] https://www.weforum.org/reports/global-risks-report-2023/
[2] https://www.ibm.com/reports/data-breach
[3] These effects have been extensively covered in various academic publications. For
example, see the research Psychological Data Breach Harms by Ido Kilovaty, University of
North Carolina School of Law (https://scholarship.law.unc.edu/cgi/viewcontent.cgi?article=1432&context=ncjolt)
and the article Emotional Experiences of Cybersecurity Breach
Victims at PubMed Central (https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8563455/)
Five Factors Why Enterprises Are Susceptible To Data Breaches
Data breaches may also involve compliance penalties for violating privacy
requirements enshrined in respective regulations and acts.
For instance, since GDPR enforcement began in May 2018, Data Protection Authorities (DPAs)
have imposed fines whose cumulative total reaches €4 billion [4].
If we examine the operational and technical environment
of large enterprises, we can identify five factors
contributing to increased vulnerability to data breaches.
01. Infrastructure Complexity
Large enterprises typically have extensive and complex IT
infrastructures with numerous interconnected systems,
applications, and databases. This complexity increases the
attack surface, providing more opportunities for cybercriminals
to exploit vulnerabilities and gain unauthorized access to
sensitive data.
02. High-Value Targets
Large enterprises often possess vast amounts of valuable
data, including customer information, financial records, and
intellectual property. This makes them attractive targets for
cybercriminals who seek to compromise or exploit such data
for financial gain or competitive advantage.
03. Resource Constraints
Paradoxically, while large enterprises may have substantial IT
budgets, they also face resource constraints. Cybersecurity
skills gaps affect all industries and businesses regardless of size.
Managing and securing a sprawling network of devices
and systems can be challenging, especially with understaffed
security departments, leading to gaps in security coverage,
outdated software, and delayed patching of vulnerabilities.
04. Human Error and Insider Threats
With a large workforce, the risk of human error and
insider threats increases. The Verizon 2023 Data
Breach Investigations Report [5] highlights that the
human element is responsible for 74% of all data
breaches, while human errors account for 13% of
these compromises. Employees and contractors may
inadvertently or intentionally compromise security
through social engineering, phishing, or misconfigurations.
Detecting and mitigating these threats can be more
challenging in a large organization.
05. Supply Chain Complexity
Large enterprises often have extensive supply chains
and partnerships. These external connections can
introduce security risks, as cybercriminals may target
smaller, less secure partners to gain access to the
larger enterprise’s network. Ensuring the security of
the entire supply chain can be daunting.
The IBM 2023 Cost of a Data Breach report indicates
that complexity and skills gap are the two most impactful
factors for amplifying the cost of a data breach.
Organizations with high levels of security skills
shortage experience costs that are 34.6% higher
compared to organizations with lower levels of talent
gap. In addition, a difference of 31.6% occurred
between high levels and low levels of security
system complexity.
[4] https://www.enforcementtracker.com/?insights
[5] https://www.verizon.com/business/resources/reports/dbir/
How Do Data Breaches Happen?
The latest iteration of the Verizon Data
Breach Investigations Report includes
some interesting findings that every
business, no matter their size,
should study.
• The human element is involved in 74% of data breaches.
This includes mistakes, malicious insiders, misconfigurations,
use of weak passwords, etc.
• 83% of the breaches are attributable to external actors,
which means that insiders – employees, partners, and
suppliers – are responsible for 17% of data breaches.
• Stolen credentials, phishing attacks, and vulnerability
exploitation are the top three data breach vectors.
• Ransomware is not going away any time soon and is
involved in 24% of data breaches.
Figure 1: Verizon 2023 Data Breach Investigations Report Key Findings. Source: Verizon.
Figure 2: Data Breach Patterns. Source: Verizon 2023 Data Breach Investigations Report.
Examining the tactics and techniques criminals use to steal
and compromise data is essential for large enterprises to craft
their defenses. Again, Verizon sheds light on the patterns used.
According to the report, the most common data breach patterns
are the following:
System Intrusion
System intrusion attacks leverage malware and/or malicious
hacking to achieve their objectives. These attacks include
deploying ransomware and exploiting unpatched vulnerabilities;
hence, system intrusion has become the most common attack
tactic. According to Verizon, “Malware is largely distributed
via email and often comes in the form of Microsoft Office
documents. Email as a vector isn’t going away any time soon.
The convenience of sending your malware and having the
user run it for you makes this technique timeless.”
Basic Web Application Attacks
These attacks are against a public-facing web
application; after the initial compromise, criminals do
not perform many additional actions. It is the “get in,
get the data, and get out” pattern. 89% of web app
attacks involve the use of stolen credentials.
Social Engineering
Social engineering involves the psychological compromise of employees to
manipulate their behavior into breaching data confidentiality
and integrity. Social engineers “use the information they have
learned about you and your loved ones to trick you into believing
the message is truly from someone you know, and they use this
invented scenario to play on your emotions and create a sense
of urgency.” Phishing and Business Email Compromise
(BEC) attacks belong in this category. According to Verizon,
BEC accounts for 50% and phishing for 44% of all social
engineering attacks.
Miscellaneous Errors
These are incidents where unintentional employee actions
compromise a security attribute of an information asset.
Many unintentional insider incidents fall under this category,
for example, a data leak because of email misdelivery. It is vital
to highlight that employees with privileged access rights, such
as developers and system admins, commit most errors that
lead to breaches.
Privilege Misuse
This is the case of malicious insiders. These incidents are
predominantly driven by unapproved or malicious use of
legitimate privileges. Malicious insiders are predominantly
financially motivated.
What Do Cybersecurity Agencies Suggest?
Large enterprises usually operate in a
highly regulated environment, where
security and privacy laws and standards
provide the guardrails for developing
internal security policies and procedures.
Without going into too much detail, the following are some
examples of established regulations that large enterprises
must comply with.
Privacy Laws
With almost 75% of countries worldwide having enforced a privacy
regulation, large enterprises must adhere to multiple requirements
for data protection, which often complement each other. Most
notable examples include the EU GDPR, the California Consumer
Privacy Act (CCPA) in the United States, the General Data
Protection Law (LGPD) in Brazil, the Protection of Personal
Information Act (POPIA) in South Africa, and the Personal
Information Protection Law (PIPL) in China.
Industry-specific Security Laws and Standards
A great number of large enterprises are part of the
critical national infrastructure – banks, transportation,
utilities, communications, and pharmaceuticals.
Because of the importance and the impact of a
potential cyber-attack against these critical
organizations, governments have published numerous
security regulations and standards, including:
• Network and Information Systems Security Directive
(NIS2) for all critical infrastructure entities in the EU.
• Digital Operational Resilience Act (DORA) for the
financial sector in the EU.
• NIST Cybersecurity Framework in the United States.
• NERC Critical Infrastructure Protection (NERC CIP)
for the United States and Canada energy grid.
• Health Insurance Portability and Accountability Act
(HIPAA) for protected health information in the
United States.
All these regulations (and many more) provide
extensive requirements for the protection of sensitive
and critical data by the respective entities.
How Large Enterprises Can Prevent Data Breaches By Addressing Breach Patterns
The principal concern of these enterprises is to keep the business
operational, as they have little tolerance for downtime, while keeping
their critical data resilient against increasing and sophisticated attacks.
The biggest challenge in achieving this goal is the complex and
distributed environment of these companies which requires a more
simplified and pragmatic approach to cybersecurity.
Cybersecurity guidance for large enterprises is valuable if it addresses the
patterns that criminals follow to reach and compromise data. By placing obstacles on
the pathway to data, these organizations can prevent data breaches from happening.
When designing the measures required to
protect large enterprises from data breaches,
we should consider two essential factors:
01
02
VIPRE Offers A Flexible And Layered Approach
The next part of this guide follows a layered approach to cybersecurity.
It includes commercially available security tools and features to address
the most common breach patterns analyzed above.
Layered cybersecurity is a pragmatic approach to protecting
people, data, and systems and allows flexibility in addressing
evolving cyber threats and managing human risks. Instead of
following a monolithic and hard-to-sustain cybersecurity
posture, a flexible and layered approach allows large
enterprises to become agile enough to be resilient
against evolving and more advanced cyber threats.
Attack definitions:
• Malware, trojans, etc.: Malicious executables that attack your endpoints
and attempt to compromise them, often through software vulnerabilities.
• Ransomware: Specific class of malware that attempts to encrypt
or steal your data files.
• Spam and unwanted content: Spam, unwanted advertisements, etc.
• Phishing: Attempts to steal data or infect endpoints by
tricking your users into doing something.
• Data theft and leakage: Attempts to steal data, or your users' accidental
or malicious attempts to send your data somewhere.
• Undesirable/offensive content: Distracting or offensive websites and other content.
[Figure: VIPRE Layered Security matrix of monitored attack vectors (malware, trojans, etc.; ransomware; spam and unwanted content; phishing; data theft and leakage; undesirable/offensive content) against vulnerability layers (your network, your email, your browsing, your apps, your files, your people). Key: environment not protected, at risk; basic protection; sophisticated protection; advanced multi-layer protection; N/A (no threat exists).]
Layer 1: Email Security
Email is the most targeted attack vector, and criminals leverage
it to launch phishing, BEC, and ransomware attacks.
A comprehensive email security solution should go beyond basic
protections provided by email vendors, such as Microsoft
Outlook, to address sophisticated threats and attacks while
preventing accidental disclosure of sensitive data
through email misdelivery. If you are looking for an
email security solution, make sure it offers the
following capabilities to thwart phishing and BEC:
Email Security:
• Anti-spam and malware scanning to reduce the
potential of ransomware attempts.
• Anti-phishing scanning and phishing protection
through link isolation.
• Attachment sandboxing to scan incoming messages for
infected attachments in an isolated environment without
risking the operational environment.
• Email encryption to ensure the integrity of your
email communications.
• Outbound checks to check that only legitimate
information leaves the company and reaches the
intended recipients.
With a comprehensive email security solution,
enterprises can effectively protect:
• Their inboxes from malware and ransomware intrusion
• Their people from phishing schemes
• Their data from accidental disclosure through
misdelivery
Figure 3: Email security provides a solid layer of protection against various threats to your organization
Layer 2: Security Awareness Training
Cybersecurity strategies need to go beyond technology and
processes to be effective. Cybersecurity awareness is about
managing human risks and empowering your people to
recognize and react to threats that go past automated email
protections. The best way to address the human
element of cybersecurity is to raise security awareness
through a training program. Although many vendors
offer security awareness training, you should look for
solutions that offer customizable and localized
content, delivered in an engaging format to enhance
motivation and knowledge retention.
The overall goals of security awareness training are to:
• Reduce human error
• Recognize risks
• Increase learner retention
When assessing a security awareness training vendor,
look for the following attributes:
Production Quality
The learner needs to feel compelled to engage with the material.
Getting the learner's attention from the beginning helps to hold
their focus throughout their information security training.
Content that Creates Value
Adults need to see value in the training material. They need to
know what they can take away from it that furthers their interests
or helps them. In the case of cybersecurity, they need to know how
the learning will help protect them, their job, and their families.
Relevant and Relatable
Adults also need to relate learning material back to what they know
or have experienced. It’s important that they see imagery relevant
to their day-to-day lives. If it’s not relevant to them, it can come
across as a waste of their time.
Breaking the Routine
Mandatory training can get routine. Integrate engaging and
immersive content, such as game-based simulations, virtual
reality, and role-playing, to help keep learners engaged.
Additionally, security awareness training should be a
continuous effort to help keep it top of mind.
The combination of email security and security awareness
training greatly enhances the protection offered to an enterprise.
Besides protecting incoming and outgoing traffic, businesses
manage human risk more effectively and protect their people from
sophisticated attacks.
Email Security and Security Awareness Training are critical for
preventing many common threats, especially given how common
email attacks are and how many of them prey upon naive user
behavior. But even with these two layers in place, there is still a risk
of exposure - to alternate attack vectors and to users who may still
make mistakes.
Figure 4: How email security and security awareness training improve your enterprise cybersecurity posture.
Layer 3: Endpoint Detection and Response (EDR)
Should an attacker manage to get past the protections of email
security and the human firewall, businesses need a third
security layer to detect and block the threat. This is the job of
Endpoint Detection and Response (EDR). An EDR solution not
only helps detect threats that slipped through the cracks but
also identify and patch vulnerabilities in all the endpoints
– applications, smart devices, cloud instances – an
enterprise has. In addition, an EDR solution should
be simple but robust enough to uncover suspicious
behaviors and provide reporting integrated within the
normal business workflows.
These are the features you should be looking for:
• File and email scanning to detect sophisticated malware
that slipped through the email security solution.
• Behavior monitoring to spot abnormal and suspicious
actions on your endpoints and in your network.
• Network analysis and protection to discover lateral
movements across your systems hidden from other
safeguards.
• Patch and vulnerability management to harden your
endpoints and close any security gaps.
• Rapid remediation tools such as device isolation
and remote shell technology.
• Integration with business workflows through
out-of-the-box plugins to minimize friction and
enable seamless and timely reporting.
Combine a high-quality EDR solution with a VPN, to
protect remote employees from eavesdropping and
possible data leakage, and you will have near-complete
coverage of all attack vectors against even the most
sophisticated attacks.
Figure 5: The combination of all three layers (EDR, email security, and security awareness training)
provides the most comprehensive security for large enterprises, reducing the potential and impact of a successful data breach
How VIPRE can help
VIPRE Security Group offers a comprehensive portfolio of security solutions
tailored to businesses of any size to help prevent data breaches. Our products
are regularly evaluated and ranked as top solutions in their respective categories.
With VIPRE, you are working with:
• A global company with a 20+-year history of delivering high-quality, robust security solutions.
• Top-rated, personable support that consistently receives the industry’s highest customer satisfaction ratings.
• An engineering team that focuses on building easy-to-use, attractive, and effective products.
Products:
Endpoint Protection
✓ Endpoint Detection & Response
✓ Managed Detection and Response
✓ Endpoint Cloud
✓ File Scanning
✓ Behavior Monitoring
✓ Browser Plugin
✓ Email Scanning
✓ Network Protection
Patch/Vulnerability Management
✓ Endpoint Web Access Control
Network Protection
✓ Encrypt.Team
Email Protection
✓ SafeSend DLA
✓ SafeSend
✓ Email Advanced Threat
✓ Email Cloud
✓ Anti-spam Scanning
✓ Malware Scanning
✓ Anti-phish Scanning
✓ Outbound Checks
Attachment Sandboxing
✓ Link Isolation
✓ Phishing Protection
✓ Encryption
✓ Archiving
✓ Image Analyzer
User & Data Protection
✓ Security Awareness
✓ Security Basics
✓ Defeat Social Eng.
✓ The Malware Threat
✓ Defend Ransomware
✓ Defend Phishers
✓ Email and IM Security
✓ Social Media
✓ Anti-Harassment
Respectful Workplace
Solutions range
VIPRE_2023_DATABREACHKIT_LARGE_ENTERPRISES_1115_US | ©2023 VIPRE Security Group. All rights reserved. VIPRE is a registered trademark of Ziff Davis, Inc.
Other product names used in this publication are for identification purposes only and may be trademarks of their respective companies.
DACH Sales
dach.sales@vipre.com
+49 30 2295 7786
Nordics Sales
nordic.sales@vipre.com
+45 7025 2223
UK and other regions
uksales@vipre.com
+44 (0)800 093 2580
North America
sales@vipre.com
+1 855 885 5566
To discover what VIPRE can do for your business,
get a free demo or speak to an expert.