As you probably know, data is the oil of the 21st century: digital information both lubricates and ignites nearly every innovation that is transforming business, payments, and commerce.
but, news Following a cyber attack on auction house Christie's which led to the theft of collector details and art location data, affecting an estimated 500,000 customers, understanding what criminals can interpret from stolen data and adopting best practices to protect sensitive information has become a top priority for forward-thinking businesses.
After all, this is the second time in less than a year that Christie's has suffered a cyberattack that led to a data breach. In August of this year, the auction house Suffered Another break-in exposed the whereabouts of art belonging to some of the world's richest collectors.
And Christie's isn't the only place cyber gangs have been targeting recently. Revealed Cybercriminals reportedly raided the BBC's pensions database a week ago, stealing the records of more than 25,000 past and present employees.
The data released included names, dates of birth, gender, national insurance numbers and home addresses.
In today's backdrop of constantly evolving and increasingly dangerous threats, it is more important than ever for businesses, especially small and vulnerable businesses, to protect themselves.
The first step to establishing a proactive and productive cyber defense program is to understand not only how fraudsters are compromising your company's vulnerabilities, but also what they are doing with the company data they obtain.
reference: Attack Vectors 2024: Extending Effective Cyber Hygiene Across Your Business
Data security determines business success in the digital age
PYMNTS Intelligence reports that 82% of e-commerce businesses have reported cyberattacks or Data Breach Last year, 47% of these retailers said they lost both revenue and customers due to breaches.Fraud management in online transactions”, PYMNTS Intelligence and Nubay collaboration.
There are several reasons why cybercriminals are interested in the data that businesses collect about their customers. Personal and financial information, such as credit card numbers, bank account details, and Social Security numbers, can be sold on the dark web or used in identity theft and fraud. Cybercriminals can also use this data to conduct fraudulent transactions and take over accounts.
As in Christie's case, attackers can also use stolen data to blackmail businesses and individuals – ransomware attacks are a common tactic that encrypts data and demands a ransom for its release.
Detailed customer information can be used to create convincing phishing emails and social engineering attacks to trick individuals into divulging more sensitive information or accessing secure systems. A chain reaction from this type of attack is also that cybercriminals can combine the stolen data with other information to create a comprehensive profile of an individual that can then be used in more sophisticated frauds or sold at a higher price.
“The fraud industry is moving to real-time learning because fraudsters are real-time. In cyberspace, there are things called zero-day attacks, which are basically You will be attacked on the first day.“And before you even know what the solution is, you'll be under attack, because the bad guys are way ahead of you.” Simon SteinmetzChief Financial Officer of Risk Assessment and Fraud Prevention Solutions Vestasaid PYMNTS.
Therefore, to protect customer data in the face of evolving threats, businesses are encouraged to adopt a multi-layered security approach.
reference: As payments enter the zettabyte era, data security becomes a top priority
Keeping your data safe means keeping your growth safe
By understanding the motivations behind cybercriminals' actions and implementing strong security measures, businesses can better protect customer data and maintain trust in the digital age.
In the financial services sector, PYMNTS Intelligence research shows that financial institutions Tool range To prevent fraud, financial institutions generally say they are using a combination of their own fraud prevention systems, third-party resources and new technologies to protect their organizations and their customers.
To respond quickly and effectively to a security breach, it is also important that companies develop and regularly update an incident response plan, which should include containment, eradication, recovery and communication procedures.
“After-action reports help us understand what our business continuity plans were and where they went wrong… Attention to hygienethat will show up in the report. That's why it's so important to conduct red team exercises and mock events.” Matanda DosExecutive Director and Chief Manager of Information Security at a commercial bank. J.P. MorganHe spoke to PYMNTS in December.
With many fraudsters ultimately going after easy targets, effective data security is paramount to maintaining customer trust and ensuring business growth.