The massive problem of data exfiltration may go by many names – data breach, data loss, or data leakage – but regardless of what you call it, the theft of valuable organizational information is a persistent and inescapable problem that is challenging IT security teams globally in two ways.

  1. External hackers have gotten very good at disguising data exfiltration attempts as normal network traffic, making breaches difficult to detect.
  2. Often, trusted internal associates are responsible for data exfiltration, usually by downloading files onto seemingly innocent USB flash drives. According to McAfee’s Grand Theft Data report, internal actors are responsible for 43% of all data exfiltration events.

If you think your company is immune to data exfiltration, then think again. Marriott, Facebook, Equifax, Twitter, Uber, and Sony – despite all their IT cybersecurity talent, resources, and protocols – have experienced data exfiltration, as have hundreds of others.

The Financial Impact of Data Exfiltration

Data breaches can cause devastating financial losses and affect an organization’s reputation for years. From lost business to regulatory fines and remediation costs, data breaches have far-reaching consequences.

The annual Cost of a Data Breach Report, conducted by the Ponemon Institute and sponsored by IBM Security, analyzes data breach costs reported by 507 organizations across 16 geographies and 17 industries. In its 2019 study, the report stated that the global average cost of a data breach was $3.92 million – up 6.4% since 2017. In the United States, the most-expensive data exfiltration country in the world, the average cost was a staggering $8.19 million. As for the most-expensive data exfiltration industry worldwide – healthcare – the average cost of a breach was $6.45 million.

Exactly where do these costs come from? Here is a short list:

  • Fines and legal fees
  • Crisis team management
  • Forensic investigation
  • New security software to prevent future problems
  • Audit services
  • Notifying and compensating customers for credit monitoring services, if the breach includes personally identifiable information or financial information
  • Business disruption and revenue loss from downtime
  • Lost reputation
  • Lost customers
  • Diminished good will

The Easiest Way to Exfiltrate Data

Unfortunately, there are many ways to transfer data from one electronic device to another, including malware, spyware, and brute force. The easiest method, though – the one associated with 43% of data exfiltration events cited in the McAfee report, of which half were intentional and half were accidental – is manually with a thumb drive. The simple and ubiquitous USB flash drive is easy to deploy, effective, and difficult to track unless data hoarding occurs first.

So, if the source of 43% of all data exfiltration events are USB flash drives, then why are we not doing more to lock down all the open ports that exist in organizations today? It’s a good question, and one without a good answer.

Consider these forecasts:

  • Organizations are predicted to spend $12.6 billion on cloud security tools by 2023, up from $5.6 billion in 2018, according to Forrester.
  • Enterprise spending on cloud security solutions is predicted to increase from $636 million in 2020 to $1.63 billion in 2023, attaining a 26.5% CAGR, according to Gartner.
  • The global cybersecurity market is currently worth $173 billion in 2020, growing to $270 billion by 2026, according to Forbes. In addition, by 2026, 77% of cybersecurity spending will be for externally managed security services.

In all this spending on cloud security strategies, where, we ask, is the focus on protecting the physical points of entry – the open computer and network ports that are responsible for nearly half of all data exfiltration events? When considering that it costs only four bucks to lock a USB port, four bucks to lock an HDMI port, and seven bucks to lock a fiber optic port, we wonder why there is so much being spent in an attempt to stop remote hackers, yet we still leave the front doors of our cybersecurity perimeter – those ubiquitous computer and network ports – wide open.

We hope you are wondering this same thing as well.