In a year that has seen a steady stream of cybersecurity incidents in the headlines, AT&T Wireless is one of the latest organizations to admit it was affected by a major data breach. The company acknowledged in July that call and text logs for 109 million wireless users were improperly obtained from third-party provider Snowflake’s cloud. The stolen records included every number that AT&T Wireless users called or texted, as well as the locations of cell sites. AT&T said in a filing with the Securities and Exchange Commission (SEC) that an internal investigation uncovered the data theft in April.
Since data security directly correlates with building trust, what lessons can we learn from the AT&T Wireless breach as we look to strengthen our cloud security defenses?
Thales, the global leader in data security.
Beyond regulatory requirements
This recent third-party breach is a reminder that compliance with cybersecurity standards is not just a regulatory requirement, but a fundamental requirement for protecting all sensitive data. In fact, Thales’ latest Data Threat Report found that companies that fail compliance checks are 10 times more likely to suffer a data breach than those that pass them. Specifically, 84% of these companies report having some sort of breach history, and 31% say they experienced a breach within the past 12 months. The correlation is clear: compliance goes hand in hand with robust cybersecurity.
Companies with truly robust security continually assess their security posture, rather than viewing compliance as a check-box task that can be completed annually. This allows them to regularly evaluate and audit their defenses and change how they authenticate their systems and data accordingly. This not only ensures compliance with new requirements, but also keeps pace with evolving threats.
Thinking Beyond Yourself: Supply Chain
No company operates in a silo. They rely on contractors, suppliers, and vendors from different departments to function. But this interdependence also means that many other stakeholders are connected to the company’s network in some way. This means that even if your security measures are robust, they may fall short if a bad actor uses a third-party vulnerability in your supply chain as a gateway. In fact, this is exactly what happened in the case of AT&T Wireless, when their third-party software was compromised.
In addition to strict access controls to segment access to sensitive data, you also need to assess the security of your suppliers themselves. Mandating cybersecurity compliance will give you a clear picture of whether your stakeholders have taken the necessary measures and can be considered trustworthy suppliers. The security of people in your supply chain should also be considered when conducting business risk assessments, monitoring for threats, and performing tabletop exercises to simulate attacks.
Understanding the data
Understanding what data resides within your network, in this case phone numbers, may seem like a very basic step, but it is a vital step to truly understand your risk landscape.
It’s wise to start by conducting an audit to understand what data is managed, where it’s stored, and what safeguards are in place to protect it. From there, you can classify assets based on their risk state, assess current vulnerabilities and potential risks, and address weaknesses in your data protection mechanisms.
Prioritize strong defense and proactive monitoring
Strong encryption, regular software updates, multi-factor authentication (MFA), and identity management systems are just some of the basic measures organizations need to take to reduce the risk of a breach or exposure. And, worryingly, less than 10% of companies say they encrypt more than 80% of their sensitive cloud data, highlighting how important pervasive encryption is for data at rest or in transit. But having a strong defense is only part of the solution.
Because human error is the leading cause of cloud data breaches, continuous monitoring of your activities and posture is another fundamental line of defense in case a threat actor gains access to credentials. This proactive approach automates the detection of non-compliant, risky, or suspicious data access behavior to prevent intrusions.
Security by Design
Cyber threats are constantly evolving, and the only way organizations can stay ahead of the curve is to adopt a security-by-design approach to cybersecurity, integrating security into every stage of system development. This proactive stance allows vulnerabilities to be addressed from the start, reducing the likelihood of them being exploited, rather than retroactively introducing new countermeasures into legacy software and hardware.
This approach should form part of a broader security strategy that includes multi-layered security measures such as MFA, encryption and continuous monitoring to provide even greater protection. Relying on a single point of failure is dangerous for any business protecting critical information. Instead, organizations should diversify their defenses so that multiple points of failure would need to be compromised for a malicious actor to gain access.
Lastly
The number of businesses whose sensitive data is being targeted is exploding. AT&T Wireless is one of several large companies that have suffered cybersecurity breaches in recent years, and unfortunately, it won’t be the last. However, we are at a crossroads where we can take actionable steps to mitigate those risks. A multifaceted, proactive and constantly evolving approach is required.
And there’s good reason to act now. The financial impact of such a breach and the loss of valuable intellectual property should not be underestimated, and neither should the reputational damage and cascading loss of customer trust. Security helps companies build trust with consumers, but stories like the AT&T breach show how easily that trust can be shattered and reputations tarnished.
This article was produced as part of TechRadarPro’s Expert Insights channel, featuring the best and brightest minds in technology today. Opinions expressed here are those of the author and not necessarily those of TechRadarPro or Future plc.