Data Destruction: The Final Line of Defense Against Cyber Attacks

June 3, 2024

In any cybersecurity plan, it is important to have a robust inventory of all the data in your enterprise’s possession, with knowledge of where it’s stored, who it impacts, and what measures are in place to protect it. However, much of the data stored by an enterprise at any particular time may not actually be in use. Data naturally accumulates, and data that is not of use to an enterprise could still be of use to a threat actor if exfiltrated. Between the risks of data theft, and the new legal requirements imposed by laws such as the European Union’s GDPR, it is important for organizations to consider data destruction at regular intervals.

Data destruction generally means the removal of sensitive data that is no longer in use from data storage devices. This can include customer records, login details, passwords, financial data, intellectual property, and any other personal identifying information. Per the GDPR, enterprises are required to delete this data when it is no longer required. However, the method of data destruction employed can have varying outcomes. Not all forms of data destruction make data unrecoverable. In a recent data recovery study of 100 hard drives, most still contained residual data. Threat actors can potentially recover and make use of that residual data. Large enterprises can also face huge fines if their data is not disposed of properly, such as the fine Morgan Stanley faced in 2022. For both these reasons, it is a good idea for enterprises to have a data destruction solution ready to implement, preferably one that includes multiple methods of data erasure.

More from Blackwired

December 23, 2024

INTERPOL urges end to 'Pig Butchering' term, cites harm to online victims

INTERPOL urges using "romance baiting" instead of "Pig Butchering" to reduce victim shame and encourage reporting online scams.

Read more
December 16, 2024

CISOs need to consider the personal risks associated with their role

CISOs face personal liability for cybersecurity incidents, boosting accountability but increasing stress and deterring professionals.

Read more
December 9, 2024

The Shocking Speed of AWS Key Exploitation

AWS keys exposed online are exploited in minutes, highlighting the need for faster detection and response to prevent breaches.

Read more