Light Dark
November 19, 2024 By Jennifer Gregory 4 min read
Data Protection

Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.

When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email, file sharing, managed transfer and secure file transfer. But there are many other communication tools, including SMS text, video conferencing and even web forms. Kiteworks’ research found that more is not necessarily better when it comes to security and communications tools.

The survey found that companies with more than seven different communication tools were at a significantly higher risk of data breach — 3.55x higher than the average. Only 9% of organizations overall reported more than 10 data breaches, but 32% of companies with more than seven communications tools experienced this high number of breaches. More communication tools also translate into higher data breach litigation costs, with organizations with more than seven tools reporting paying 3.25 times more in data breach litigation costs.

Impacts of a data breach

Companies with a high number of data breaches typically see numerous negative impacts on their organization, including lost customers, reputation damage and operational downtime. Many organizations also must hire additional staff after the breach, such as customer service help desks and credit monitoring services. Companies in regulated industries may also face fines related to the breach.

The 2024 Cost of a Data Breach Report found that the average cost of a data breach jumped to $4.88 million from $4.45 million in 2023, a 10% spike and the highest increase since the pandemic. While the study showed key improvements related to breaches, especially in terms of identifying and containing breaches more quickly, the increased cost of a breach is due to rising business costs.

Read the Cost of a Data Breach Report

Why an increase in communication tools increases risk

With communication and data transfer now central to all industries and most processes, both internal and external, reducing risk starts with understanding why each new tool increases the odds of a breach.

Here are key reasons for the correlation between the number of tools and the risk of a data breach:

Increased attack area

Each time a new tool is added to a process, the organization adds a new entry point for an attack every time a user accesses that tool. For example, the marketing department has begun using a different video conferencing tool than the rest of the company. Threat actors can now target users of the tool and recordings of the meetings stored in the cloud. Additionally, the information sent through the tool, such as chat comments and files shared, adds more opportunities for a data breach.

More opportunities for exchanging sensitive data

Kiteworks found that tracking sensitive data creates a big issue, with two-thirds of respondents sending sensitive data to more than 1,000 different third parties. Additionally, employees often let their guard down when using casual communication tools such as messenger and email, which creates instances of sharing sensitive data and increasing data breach risks.

More resources are required to govern and monitor

Because communication tools provide many opportunities for cybersecurity risks, the use of each tool must be carefully monitored with documented processes. This requires more resources, especially in terms of monitoring use for cybersecurity issues or improper use. With more tools to monitor, it’s easier to accidentally overlook a warning signal of a breach.

Increased risk of human error

Communication tools provide many different ways for employees to make mistakes that lead to a breach, such as falling for a social engineering scheme or using an insecure connection to send data. Employees are also more likely to make more compliance errors with more tools since the process may vary per tool, making it easier to overlook a step.

Reducing risk from communication tools

Reducing breaches often feels like an overwhelming task. By starting with communication tools, organizations can take proactive steps toward reducing their risk.

Take stock of tools in use

Many companies have no idea exactly how many tools they are using. By working with all employees and departments, organizations should create a catalog of all tools currently in use.

Eliminate multiple tools used for the same purpose

If your business finds that four different project management tools are used throughout the organization, you need to determine which tool is the best fit for the organization. By helping teams transition to the approved tools, you can reduce your risk of a breach.

Provide employees with the tools that they need

Many employees begin using approved tools because the tools that the company issues do not work for their tasks. For example, many companies instruct employees to use file-sharing tools that have file size limits. If an employee must transfer a file that is too big for that tool, then the only way that they can do their job is by using another approved tool. Many organizations find that their high number of tools used is due to employees improvising to get things done. By ensuring that your employees have tools that accomplish their required tasks, you can often quickly reduce the number of tools used in your organization.

Use tools that perform multiple tasks

The number of communication tools often quickly grows when an organization has a separate tool for each different type of communication task. By using platforms that perform multiple functions, such as file sharing, video conferencing and messaging, organizations can significantly decrease the number of communication tools.

It’s very easy to look up and realize that your company is using many different tools. By making a concerted effort to understand the tools needed and provide the right tools, your organization can reduce your risk of a breach.

 |  | 
Jennifer Gregory
Cybersecurity Writer

More from Data Protection
January 27, 2025

How secure are green data centers? Consider these 5 trends

4 min read - As organizations increasingly measure environmental impact towards their sustainability goals, many are focusing on their data centers.KPMG found that the majority of the top 100 companies measure and report on their sustainability efforts. Because data centers consume a large amount of energy, Gartner predicts that by 2027, three in four organizations will have implemented a data center sustainability program, which often includes implementing a green data center.“Responsibilities for sustainability are increasingly being passed down from CIOs to infrastructure and operations…

January 21, 2025

Why maintaining data cleanliness is essential to cybersecurity

3 min read - Data, in all its shapes and forms, is one of the most critical assets a business possesses. Not only does it provide organizations with critical information regarding their systems and processes, but it also fuels growth and enables better decision-making on all levels.However, like any other piece of company equipment, data can degrade over time and become less valuable if organizations aren’t careful. What’s even more dangerous is that neglecting data hygiene can expose organizations to a number of security…

January 3, 2025

Router reality check: 86% of default passwords have never been changed

4 min read - Misconfigurations remain a popular compromise point — and routers are leading the way.According to recent survey data, 86% of respondents have never changed their router admin password, and 52% have never adjusted any factory settings. This puts attackers in the perfect position to compromise enterprise networks. Why put the time and effort into creating phishing emails and stealing staff data when supposedly secure devices can be accessed using "admin" and "password" as credentials?It's time for a router reality check.Rising router risksRouters…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature