Five tips to build your data breach shield
Kane Lightowler, Managing Director, Asia Pacific & Japan,
Carbon Black
2016 has proved itself to be a prolific year for cybercrimes.
Cyber criminals are leaving no stone unturned as we witness a number of
high-profile attacks on various sectors – healthcare, finance, media – just to name
a few. The reality is, in fact, much bleaker, as millions of undetected and
unreported cyber-attacks are happening on a daily basis. Yet organizations, and
even governments, are turning a blind eye to these threats and are still
relying on traditional methods of cybersecurity that were not designed to
tackle the sophisticated threats present today.
The Australian Strategic Policy Institute reported that although
cybercrime in the Asia Pacific region accounts for a significant proportion of
global cybercrime, many developing economies still rely on rudimentary cyber
capabilities and the support of foreign aid programmes[1]. This may be
surprising but, even more so, terrifying as we ponder these vulnerabilities
and their potential consequences. According to the AT&T Cybersecurity
Insights report in 2015, 64% of organizations acknowledged that they have been
breached, and yet only 34% of organizations believe they have an effective
incident response plan[2].
Sure, there is no one-size-fits-all approach when it comes to
cybersecurity. However, there are some well-tested guidelines and best
practices that will keep any organization on the right track towards a
comprehensive and robust cybersecurity infrastructure that is better primed to
confront today’s threat landscape.
1. Minimize customer data
Rule of thumb – if you don’t need the data, don’t collect it. As
we interact with more Internet of Things (IoT) devices, the amount of data
collected and stored increases exponentially. However, organizations should be
selective about the types of data they collect from customers, so as to minimize
damage should a breach occur.
2. Develop a strategy
Cybersecurity takes more than just anti-virus (AV) software.
To tackle the sophisticated threats present today, a multi-layered security
infrastructure is essential in order to confront adversaries from every
angle.
Part of your strategy should include cost management – investing
in the right mix of cybersecurity solutions for your organization. Currently,
organizations are still investing heavily in traditional AV and network
security. However, incumbent AV providers regularly miss critical malware
threats, as reported by Gartner in its 2016 Magic Quadrant for Endpoint
Protection Platforms[3]. To close this
critical security gap, organizations can look to next-generation anti-virus
(NGAV) – an integral component of modern enterprise defense platforms. NGAV is
characterized by its ease of deployment and, more importantly, its ability to
stop not only run-of-the-mill malware but also malware-less attacks – attacks
that are file, memory or script-based, and leverage scripting languages and/or
obfuscated malware. In 2015, 38% of incidents seen by Carbon Black partners were
of this nature. Clearly, these are the real threats that organizations need to
address today.
Moreover, with many companies adopting a bring-your-own-device
(BYOD) policy as well as increasing mobility in workplaces, network security
(aka firewalls) is no longer sufficient; once a device leaves the network
perimeter, it is still vulnerable to attacks.
This is why today’s cybersecurity war is waged at the endpoint.
By investing in Next Generation Endpoint Security (NGES) solutions, you keep your
devices protected regardless of where you take them.
3. Maintain real-time inventory and actionable intelligence
Millions of attacks happen every single minute. This is why
real-time surveillance is now critical for identifying and stopping attacks
before they accomplish any real damage.
According to the Ponemon Institute, organizations take an average
of 256 days to identify a breach and 100-120 days to respond and mitigate,
altogether costing companies an average of USD$3.8mn per breach[4]. This can be easily
addressed with a solution that can continuously scan, monitor and collect data
from an organization’s endpoints, reducing detection and response time
significantly.
By collecting detailed and actionable information on these
security threats at a granular level, organizations can also gain deeper
insight into why and how a breach occurred, with the end goal of making
it exponentially more difficult and expensive for attackers to do their work.
4. Conduct regular audits
Once a robust security infrastructure is in place, regular
audits of security measures, especially connections commonly used as gateways
for attacks, should be carried out in order to assess and re-evaluate whether an
update is needed.
Cybercriminals are constantly innovating and advancing their
attack tactics. It would be foolhardy to assume that the technology of
yesteryear is still effective against today’s threats.
5. Educate employees
When it comes to cybersecurity, the human is often the weakest
link. Ensuring that all employees are clear on their role in data security and
raising awareness of the types of threats goes a long way in closing any
possible gaps in your cybersecurity infrastructure.
[1] Australian Strategic Policy Institute, Cyber Maturity in the Asia Pacific Region 2015, 2015
[2] AT&T, Cybersecurity Insights Report, 2015
[3] Gartner, Magic Quadrant for Endpoint Protection Platforms, 2016
[4] Ponemon Institute, 2015 Cost of Data Breach Study: Global Analysis, May 2015