New Working Practices are Exposing your Intellectual Property

2 people in an office discussing work, looking at a laptop

Image courtesy of storeyset on Freepik

Businesses face unprecedented challenges in protecting sensitive information from intentional, deliberate theft by cybercriminals. Recent shifts in how we work have increased the exposure of our data to intentional data theft. Any business with sensitive data, IP, or a reputation to protect is at risk, regardless of industry, or size.


Data Breach in 2024: Deliberate and Intentional

There are multiple forces behind the recent rise in theft risk. In retrospect, the days of script kiddies were simpler to defend against and were at worst an annoyance. Today’s cybercriminal is sophisticated, with considerable access to offensive tools. Tools that are starting to incorporate AI to exploit vulnerabilities in devices and code. Cybercrime is estimated to cost the world $9.5 trillion in 2024 and growing fast.

Some of this can be attributed to hacker-for-hire attacks to sabotage a business reputation, or just to cause disruption. Increasingly, we are seeing targeted phishing and ransomware cyberattacks sponsored by nation-states and fuelled by an underground market for stolen data. For many businesses, the first hint they get of an IP breach is when their competitors start undercutting them.


Outside of Your Control: Factors in Data Theft

Yet there is a contributing factor to this that we are all responsible for… convenience. Seldom do convenience and security make good bedfellows. Most organisations have undertaken signifiant changes in working practices over the past 5 years. Changes that have expanded their attack surface.

Cloud Services

One such change is the increased adoption of cloud-based services. The convenience of removing in-house servers and a team to run them means more application data going outside of the business. How is this data getting there? Where and how is it stored? A breach can occur from a single misconfiguration in an application or device belonging either to the business or the cloud service provider.


Another change is user working patterns. Undoubtedly, where users want to work has changed post-COVID. Pre-COVID data security was about making sure sensitive business data never left the confines of the internal network. Now, users expect 24×7 access to data and demand access to this data from anywhere – home, coffee shop, hotel, airport. Again, a single misconfiguration in a device or application can expose data to a breach.

Supply chain

Supply chains can also increase exposure of data. The convenience of getting to market more cost-effectively and faster means handing over more and more data to suppliers. Are supplier infrastructures as secure as we require? More cyberattacks are originating from outside of businesses from somewhere within the supply chain – our suppliers, or their suppliers, or their suppliers.


Together, these factors mean more sensitive data outside of the safety of our internal networks and increasingly outside of what we have control over and visibility of. More data outside of our network increases the risk of exposure. An increase in risk means an increase in the likelihood of a data theft attack. A data theft attack that impacts a business’s bottom line and reputation.


our Data Leakage v Data Theft infographic

Good Practice: Basic Cyber Strategies

In “Data Theft: Never Too Small to Worry About Vulnerabilities” I outline basic good practices that all businesses should deploy as a minimum:

    • user access control
    • multi-factor authentication
    • encrypt all data at rest and in transit
    • regular application updates
    • antivirus and firewalls
    • user education
    • data classification and handling
    • vet and audit suppliers


Data Theft Prevention: Zero-Trust on all Outbound Data Flows

The above strategies go some way towards mitigating the exposure of sensitive data. But they do little to prevent the theft of data destined outside of the business – to the cloud, hybrid workers, or supply chains.

Just as antivirus protects against incoming threats, outgoing data requires protection:

    • from hackers or disgruntled employees
    • from C2C-based malware (botnets, RATs, ransomware)
    • due to data transfer risks to cloud applications
    • arising from application misconfiguration or malicious updates

Currently, there is much talk of zero-trust architectures (ZTA), a security approach that assumes no one or device is inherently trustworthy, requiring continuous verification before granting access to data or resources.

Zero-Trust is highly relevant to outbound data. To eliminate data theft a “deny-all” stance is required – blocking data transmission from a device until the data flow can be proven to be trustworthy. The minimum trustworthy proof is that the data flow has come from a trusted application and is going to a trusted destination via a trusted transmission method.



Business and user convenience increases the exposure of sensitive business data to theft and breach. Convenience and security rarely go hand in hand, and convenience is difficult to take away once given.

There are many good practices businesses can implement to mitigate the risk of data exposure. But the only way to eliminate theft of sensitive data is via zero-trust: take a “block-all-outbound-data” stance and continually monitor the integrity of outbound data flows before allowing transmission beyond a device.


About the Author

Dr. Mark Graham has spent over 30 years in cybersecurity. He completed his PhD in malware detection in Cambridge, UK where he also lectured in Information Security, Cybercrime, and Pen-Testing. He is a co-founder of ZORB Security which specialises in eliminating data theft.

Put ZORB to the test

See first hand how ZORB blocks data theft, protecting sensitive data and business reputations.

14 Day Risk-Free Trial

No credit card required

Try ZORB for free