Enterprise data breach: causes, challenges, prevention, and future directions

@article{Cheng2017EnterpriseDB,
  title={Enterprise data breach: causes, challenges, prevention, and future directions},
  author={Long Cheng and Fang Liu and Danfeng Daphne Yao},
  journal={Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery},
  year={2017},
  volume={7}
}
  • Long Cheng, F. Liu, D. Yao
  • Published 1 September 2017
  • Computer Science
  • Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery
A data breach is the intentional or inadvertent exposure of confidential information to unauthorized parties. In the digital era, data has become one of the most critical components of an enterprise. Data leakage poses serious threats to organizations, including significant reputational damage and financial losses. As the volume of data is growing exponentially and data breaches are happening more frequently than ever before, detecting and preventing data loss has become one of the most… 
Data Leakage Detection and Prevention: Review and Research Directions
TLDR
A systematic literature review considering a decade of the existing research efforts and makes a critical analysis thereof to highlight the issues and research gaps therein are made and important research directions in the field of data leakage detection and prevention are proposed.
The Challenges of Leveraging Threat Intelligence to Stop Data Breaches
TLDR
The problem of data breaches is reviewed and the challenges of implementing threat intelligence that scales in today's complex threat landscape and digital infrastructure are discussed, followed by an illustration of how the future of effective threat intelligence is closely linked to efficiently applying Artificial Intelligence and Machine Learning approaches.
Cost and Effects of Data Breaches, Precautions, and Disclosure Laws
In recent times the breach of security systems or cyber-attacks leading to unauthorized acquisitions of computerized data that compromises the security, confidentiality, and integrity of personally
Monitoring Leaked Confidential Data
  • S. Trabelsi
  • Computer Science
    2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)
  • 2019
TLDR
This work proposes a solution to monitor, in real time, huge streams of leaked data published on hacking sources, which are classified, and confidential information is precisely identified by the combination of inference rules and a Convolutional Neural Network pre-trained model, which recognizes different patterns of confidential data.
Use of Security Logs for Data Leak Detection: A Systematic Literature Review
TLDR
A systematic literature review on the use of security logs for data leak detection proposes a new classification of information leaks, which uses the GDPR principles and identifies the twenty most widely used publicly available datasets in threat detection.
Data Breach and Multiple Points to Stop It
  • D. Yao
  • Computer Science
    SACMAT
  • 2018
TLDR
This keynote will break down the data breach problem and give insights into how organizations could and should do to reduce their risks, including set-based and alignment-based screening techniques, outsourced screening, and GPU-based performance acceleration.
A Comprehensive Analysis of Cyber Data Breaches and Their Resulting Effects on Shareholder Wealth
Cyber Security data breaches are an evolving major risk that corporations, public and private alike, have to contend with as part of their risk management scenarios. Historically, studies evaluating
Using malware for the greater good: Mitigating data leakage
TLDR
The results show that DocGuard is highly effective not only for stopping the initial leak but also in preventing the propagation of leaked files over the Internet and though social networks.
Is Big Data Security Essential for Students to Understand?
Abstract Big Data has become a significant concern of the world, along with the era of digital transformation. However, there are still many young people, especially in developing countries, who are
Zeph: Cryptographic Enforcement of End-to-End Data Privacy
TLDR
This paper presents Zeph, a system that enables users to set privacy preferences on how their data can be shared and processed and enforces privacy policies cryptographically and ensures that data available to third-party applications complies with users' privacy policies.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 71 REFERENCES
Data and Information Leakage Prevention Within the Scope of Information Security
TLDR
The analyses of data breaches reported in 2014 reveal a significant number of data leakage incidents that are not within the focus of the DLP solutions, and indicate that the classification of the provided data breach records is not qualified for detailed investigations.
A survey on data leakage prevention systems
TLDR
This survey is an updated reference on data leakage prevention systems (DLPSs) and explicitly define DLPS and categorise active research directions in this field, and suggests future directions towards developing more consistent DLPSs that can overcome some of the weaknesses of the current ones.
Privacy-Preserving Detection of Sensitive Data Exposure
TLDR
A privacy-preserving data-leak detection (DLD) solution to solve the issue where a special set of sensitive data digests is used in detection, and how Internet service providers can offer their customers DLD as an add-on service with strong privacy guarantees is described.
Breaking the Target: An Analysis of Target Data Breach and Lessons Learned
TLDR
This paper provides insight into the legal aspect of cybercrimes, along with a prosecution and sentence example of the well-known TJX case, and points out an urgent need for improving security mechanisms in existing systems of merchants and proposes three security guidelines and defenses.
M-Score: A Misuseability Weight Measure
TLDR
A new measure is proposed, the M-score, which assigns a misuseability weight to tabular data, and some of its properties are discussed, and its usefulness in several leakage scenarios is demonstrated.
A Survey of Data Leakage Detection and Prevention Solutions
TLDR
This is the first comprehensive book that is dedicated entirely to the field of data leakage and covers all important challenges and techniques to mitigate them and will provide researchers, students and practitioners in the industry with a comprehensive, yet concise and convenient reference source to this fascinating field.
Detecting Data Semantic: A Data Leakage Prevention Approach
TLDR
The results showed that the proposed statistical DLP approach could correctly classify documents even in cases of extreme modification and had a high level of precision and recall scores.
On Data and Privacy Leakage in Web Traffic
TLDR
This thesis develops methods to archive and analyze Web traffic for the investigation of data loss incidents, and discusses how to identify privacyintrusive Web services in order to prevent privacy loss during Web browsing.
A Hybrid Framework for Data Loss Prevention and Detection
TLDR
A hybrid DLP framework that combines signature-based and anomaly-based solutions, enabling both detection and prevention and exploits an operator's feedback on alerts to automatically build and update signatures of attacks that are used to timely block undesired transactions before they can cause any damage.
Data Leakage Detection
TLDR
This work proposes data allocation strategies (across the agents) that improve the probability of identifying leakages and can also inject “realistic but fake” data records to further improve the chances of detecting leakage and identifying the guilty party.
...
1
2
3
4
5
...