Uber’s recent data breach, which exposed sensitive employee and customer data to the BreachForums hacking forum, was the latest in a string of security incidents to hit the company in the last few years.
While they are unfortunate events, there are lessons we can learn from the breach that can help organizations avoid the repercussions of a serious cyber-attack. The latest Uber breach shows that even the largest organizations with advanced security teams have weak links that cybercriminals are ready to exploit. The frequency with which Uber has been breached over time underscores the ever-growing impact of third-party risks. As a result, the industry needs to stay hyper-vigilant about the access that third-parties have to organizations and their data. Given the expanse of the corporate supply chain, third-parties have become an extension of enterprise attack surfaces and security teams must prepare accordingly or face the same potential fate as Uber. By proactively implementing these four best practices, businesses will have a leg up in shielding themselves from an attack.