Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityLogical SecuritySecurity & Business ResilienceSecurity Education & Training

The impact of a data breach

By Tommy Johnson
green and red network data

Image from Unsplash

September 13, 2022

Almost everyone has been impacted by a data breach. Data breach effects can scale from requiring employees to change their credentials to larger scale cyberattacks that involve malware or ransomware.

Cyber incidents including data breaches, phishing and ransomware have become commonplace — a foregone conclusion for operating in a digital economy. While everyone knows that the internet never truly forgets, and data lives in perpetuity in far-flung corners of the web, the impacts on organizations, employees and incident responders can also take a mental toll.

Data breaches are security incidents in which threat actors access sensitive information, often leaking it onto the public internet. Data breaches increased 14% in the first quarter of 2022, according to the Identity Theft Resource Center (ITRC). Of the 404 breaches in the ITRC report, 110 resulted directly from phishing attacks.

How data breaches occur & impact organizations

The long-term ramifications of a data breach can ripple through an organization, impacting everyone from an organization’s user base, its employees, and the cybersecurity teams responsible for remediation.

Phishing is a social engineering attack that employs psychology to influence and motivate readers into responding to a spoofed message — often an email — that they perceive as being from a trusted source. Employees may feel hesitant to report they have fallen victim to phishing out of embarrassment or fear of reprisal. A joint study from Stanford University Professor Jeff Hancock and security firm Tessian showed employees are hesitant to reveal their cyber mistakes if organizations judge them severely.

Cyber incidents have increased rapidly over the last few years, with ransomware and data breaches making their way into public consciousness following a slew of high-profile attacks. Combined with the rush to support remote work, many organizations have found themselves in a situation where interim solutions have become the de facto security stack — leaving them exposed to threat actors that exploit weak technologies independent of industry or organization size.

According to ThreatConnect, those on the frontline of cyberattacks and data breaches may find the speed and scale of these digital threats “insurmountable and infinitely expensive.” In today’s digital economy, security teams alone cannot adequately address cyber risk; instead, companies need to create a layered defense-in-depth approach to tackle cyber risk. 

In a survey of 500 IT decision-makers, ThreatConnect found the frequency and severity of attacks are impacting the mental health of cybersecurity professionals; 32% or respondents reported feeling highly stressed about work and more than half said their stress levels had increased over the last six months alone. Gartner has argued that the role of cybersecurity leaders needs to be reframed: “Cybersecurity leaders are burnt out, overworked and in ‘always-on’ mode,” said Sam Olyaei, research director at Gartner. 

It’s important to note that cybersecurity burnout threatens more than just security and IT teams. Human error is a significant factor in data breaches and, as the Stanford/Tessian study found, nearly half (47%) of employees cited distraction as the reason they fell for a phishing attempt, while the other 44% blamed being tired or stressed.

Threat actors are opportunistic and data breaches happen, but they don’t have to be career- or company-ending. Organizations with a good security culture learn from data breaches by implementing policies and controls to reduce the risk of a future risk. Cybersecurity awareness training programs help give employees the tools to recognize, report and respond appropriately to phishing attempts. Technologies such as multi-factor authentication (MFA), endpoint detection and response (EDR), next-generation firewalls, and offline backups can make a huge difference in network defense.

In addition, data breaches can be the gift that keeps on giving for threat actors. Some technical vulnerabilities require a user to be authenticated before they can run the exploit. Data breaches significantly increase the chance of these attacks being successful. A great example of this is a recent Microsoft Exchange vulnerability announced in March 2022. The more credentials are published in data breaches online, as we saw with the LinkedIn data breach in 2021, the more likely these types of exploits will be successful in the future.

However, tools are only one part of the solution, and alert fatigue can result in valid cyber risks getting lost in the noise. Alert fatigue occurs when security professionals become overwhelmed by the volume and repetitive nature of the alert queue, losing the ability to distinguish alerts that represent actual issues (true positives) and everything else.  

The aftermath and recovery from a data breach

The short-term consequences of a data breach include immediate remediation and any potential fines associated with information that threat actors may extract. In the short term, a cyber insurance provider can help businesses handle root cause analysis and cover the fees related to reporting a breach and, in some cases, the reputational damage associated with the breach. However, the long-term consequences of a data breach never really go away. The internet never forgets, and even with professional cleanup and remediation, data is never truly recovered or deleted.

To effectively implement a recovery-in-depth solution, organizations should treat more than just the symptoms of a data breach. Implement offline backups and test them regularly — today, exfiltrating data is often a common occurrence in ransomware attacks. Implement a layered defense-in-depth approach to security controls and procedures. Be mindful that the toll of these incidents is more than being made whole monetarily.

KEYWORDS: burnout cyber incident response cyber security research data breach data recovery phishing

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Tommy Johnson is a cybersecurity engineer at Coalition — an Active Insurance company and provider of cyber insurance, and on a mission to help solve digital risk. Johnson has an extensive background in both psychology and cybersecurity.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • socialmedia1-900px.jpg

    Social Media Exposure Can Exacerbate the Negative Impact of a Data Breach

    See More
  • data-enews

    How a Security Breach Can Impact the Value of Your Brand

    See More
  • data-breach-notification-freepik.jpg

    The do’s and don’ts of communicating a data breach

    See More

Related Products

See More Products
  • Physical-Security-and-Safet.gif

    Physical Security and Safety: A Field Guide for the Practitioner

  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

  • school security.jpg

    School Security: How to Build and Strengthen a School Safety Program

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!