Data breaches are more likely when attackers capture discarded files, including personal information, financial records, or confidential business data, Vibert said. “These forgotten or uncontrolled pieces of data often lack strong protection, making them attractive targets.” In addition, old data can arm cybercriminals with valuable historical information, enabling them to conduct email phishing or social engineering attacks, thus increasing the chances of a successful breach.
8. Not building a bridge to business
Miscommunication with non-technical stakeholders can lead to misunderstandings and confusion, sowing mistrust, lack of support for security systems, and increased challenges when seeking security budget approval, says Jeff Orr, director of research, digital technology at ISG’s global technology research and advisory firm Ventana. Research.
Orr advises on the use of business terminology to communicate key security issues and their impact on business objectives. “Provide examples to help relate security concepts to business operations,” he said, advising CSOs to also bring clarity to security reports. “Review how security decisions can be linked to business impact.”
Source link