DEREK SMITH: How to safeguard data from malicious criminals

To investigate computer-related issues and/or audit incidents involving cyber attacks, forensic analysts use scientific techniques to retrieve data from digital sources. In keeping with the standard incident response steps, digital forensics procedures cover preparation, identification, containment, eradication, recovery and lessons learned.

Okereafor & Adebola (2020) claim it is common for companies to be negligent about, and either ignorant of or lukewarm towards, cyber security policies and standards, which can pose challenges to digital forensics. It is well known and well documented that the breakdowns listed here cause reputational and financial damage when exploited by bad actors. In this article, we will briefly discuss several measures institutions can take to identify risks and safeguard their data from cyber criminals.

Data Classification

The adoption of a data classification model in accordance with global standards, and in alignment with a company’s data sets, is a mandatory requirement. This crucial step sets a pathway to categorising data based on relevance, importance and value. When data is not properly classified, it can be difficult to determine what constitutes a breach of privacy or where the line should be drawn between open data and privacy intrusions. This writer subscribes to the data classifications of restricted or confidential data; sensitive data; and unrestricted or public data.

Understanding possible risks to data security

Various types of threats to data security may exist. For example, an unauthorised third-party vendor may gain access to the data. Malicious or bad actors could seek to obtain access to confidential information for financial or other purposes. A variety of events may also result in the accidental loss or destruction of data.

Mitigating the identified threats

Here are a few measures that companies should consider implementing in order to minimise these threats. They include installing anti-virus software, intrusion detection systems and firewalls to provide robust security. Creating and enforcing policies and procedures regarding the use of information technologies and data, including password requirements and access limitations, should also be a priority. Monitoring and evaluating risks to identify vulnerabilities, and prioritising remediation efforts on a systematic and Board-approved basis, is a must, while encrypting data in transit as well as at rest is another key defence mechanism.

Incident response plan implementation

In the event that a data security breach occurs, a comprehensive incident response plan should already be established, circulated and tested for what works and what does not. An incident response plan should include the following elements. First, the designation of key personnel who will respond to a breach. Second, an assessment of the scope and nature of the breach. Third, containment of the breach in order to prevent further unauthorised access to sensitive information. Fourth, notification of law enforcement, if necessary. The fifth step is the restoration of data and systems. The final step in improving data security within the company, and establishing a robust incident response plan, is to evaluate the incident and identify lessons learned.


Cyber criminals are becoming more sophisticated, which means that companies and individuals need to better protect their data. It is important for a company to establish the exact level of protection that should be accorded to every digital asset via a clearly defined classification process. Companies can implement security technologies and procedures to protect themselves, conduct risk assessments periodically, and develop incident response plans.

NB: About Derek Smith Jr

Derek Smith Jr. has been a governance, risk and compliance professional for more than 20 years. He has held positions at a TerraLex member law firm, a Wolfsberg Group member bank and a ‘big four’ accounting firm. Mr Smith is a certified anti-money laundering specialist (CAMS), and the compliance officer and money laundering reporting officer (MLRO) for CG Atlantic’s family of companies (member of Coralisle Group) for The Bahamas and Turks & Caicos.
