Data Breaches: The Main Enemy Within
Keywords:
Confidential information, personal data, data breach, cybercrime, zero trust security model, sustainable digital developmentAbstract
The article is devoted to the study of trends in the field of data breaches in the world and in Russia and the social foundation for this problem. Based on the analysis of global and Russian analytical reports, the most important trends and problems are identified: the continued high level of the number of breaches around the world; a significant increase in the share of external security violators during remote work; the main threat in terms of the volume and value of compromised data is posed by the employees of the organizations themselves, and not by external violators; from the point of view of the potential threat of data compromise, leaving employees are especially dangerous. The problems that are clearly expressed in Russia are analyzed separately: suppression of the facts of data breaches from the media and the public; misunderstanding or unwillingness to invest resources in the development of digital literacy competencies in employees; lack of understanding or unwillingness to increase investments in the prevention of cyber threats, elimination of the consequences of incidents already after their occurrence; high level of vulnerability of the population to data breaches; imperfection of the Russian regulatory framework. As a result, it is concluded that all these problems indicate global unpreparedness, misunderstanding and lack of awareness of the deep foundations for the ongoing digital transformation processes, their risks and potential threats; lack of a systematic, strategic approach to the implementation of technological transformations. A turn to a different understanding of the digital processes means changes not only in the technological, but above all in the social sphere. The current situation, systemic in nature, requires a systematic approach to its resolution, as a turn towards sustainable digital development of the entire society.
References
Беззатеев С.В., Елина Т.Н., Мыльников В.А., Лившиц И.И. Методика оценки рисков информационных систем на основе анализа поведения пользователей и инцидентов информационной безопасности // Научно-технический вестник информационных технологий, механики и оптики. 2021. Т. 21. № 4. С. 553–561. DOI: 10.17586/2226-1494-2021-21-4-553-561
Иванова А.П. Утечка персональных данных: большая проблема в цифровую эпоху (обзор) // Реферативный журнал Государство и право. 2020. № 4. С. 100–107.
Перекрестова В.А., Фурсова П.В. Цифровизация в России: проблемы информационной безопасности // Вестник Прикамского социального института. 2021. № 2 (89). C. 170–176.
Сергеева И.Г., Али Х.М. Анализ технологических рисков финансовых инноваций // Научный журнал НИУ ИТМО. 2021. № 2. С. 23–29. DOI: 10.17586/2310-1172-2021-14-2-23-29
Bayan A., Beloff N., White M. Rise of Big Data — Issues and Challenges // 21st Saudi Computer Society National Computer Conference (NCC). 2018. DOI: 10.1109/NCG.2018.8593166
Gidigbi M.O. Digital Technologies for Sustainable Development: Dual Challenge of Sustainability and Inclusivity Perspective // Law & Digital Technologies. 2021. Vol. 1. P. 27–36. DOI: 10.18254/S123456780015729-2
Hammouchi H., Cherqi O., Mezzour G., Ghogho M., Koutbi M. Digging Deeper into Data Breaches: An Exploratory Data Analysis of Hacking Breaches over Time // Procedia Computer Science. 2019. Vol. 151. P. 1004–1009. DOI: https://doi.org/10.1016/j.procs.2019.04.141
Helman L. Pay for (Privacy) Performance Holding Social Network Executives Accountable for Breaches in Data Privacy Protection // Brooklyn Law Review. 2019. Vol. 84. № 2. P. 523–569.
Marcus D.J. The Data Breach Dilemma: Proactive Solutions for Protecting Consumers’ Personal Information // Duke Law Journal. 2018. Vol. 68. № 3. P. 555–593.
Stier S., Breuer J., Siegers P., Thorson K. Integrating Survey Data and Digital Trace Data: Key Issues in Developing an Emerging Field // Social Science Computer Review. 2020. Vol. 38. Is. 5. P. 503–516. DOI: https://doi.org/10.1177/0894439319843669
