Cyberdefense without coffee breaks

October 11, 2011 by bkrenek

It’s easy for organizations to get discouraged by the proliferation of high-profile data breaches these days.  After all, if global companies can fall prey to damaging cyber attacks, what hope is there for businesses that aren’t brand name organizations?

The sense of vulnerability against hackers isn’t without merit.  A recent Ponemon Institute study concluded that cyber attacks are as reliable as rain; 90 percent of surveyed businesses were attacked at least once in the previous year, with almost half stating that there was a notable increase in cyber attacks, and 77 percent claiming that attacks had become more severe or difficult to contain.  Even the chairman of Ponemon concedes that the dream of complete security is somewhat futile, and other experts echo that there’s no solid protection against determined hackers.

The solution, experts say, is to shift from the goal of perfect security to active monitoring.

This security mindset is the opposite of the “can’t happen to me” mentality common amongst security professionals, according to a recent Tenable Network Security study.  The report noted that more than 90 percent of attendees surveyed at the 2011 Gartner Security & Risk Management Summit discussed large-scale, high-profile breaches with senior management, yet only 23 percent did anything beyond that.

One of the study’s conclusions was that security professionals had been getting by with “good enough” security measures that were adequate for auditing purposes, while being far from sufficient to truly bolster businesses against attacks, including insider threats.  Indeed, while a recent Verizon Business Data Breach Investigations Report revealed that insider threats are one of the leading sources of data leakage and theft, and nearly half of Tenable’s surveyed businesses stated that they had experienced some type of insider threat, “preventing insider threats” ranked second to last as a security priority.

What has become clear is that regulatory compliance isn’t the same thing as security.  Careless employees, who are among a company’s biggest security risks, can upend the best technologies and practices.  Moving data to the cloud sounds like a secure measure, until the hosting company itself gets hacked.  Think you’re safe because your organization is small?  Wrong.  Criminals are now targeting small businesses because their security measures are often weak.

Some experts advise companies to recognize their vulnerability and the fruitlessness of trying to plug every hole (although certainly endeavoring to do as much as they can in this regard).  Instead, a company’s efforts are best spent monitoring every aspect of its web traffic and reacting when new threats are identified.

Constant monitoring and always-on security can be enabled by the following steps:

  1. Deploy preventative network and endpoint protection.
  2. Evaluate your assets and protect them accordingly.
  3. Enforce encryption and data copying policy (so, for example, if a laptop gets lost, no one can break in and pull out that data).
  4. Deploy proactive data loss prevention technology.
  5. Focus on best practices and impact scenarios so that your staff knows what to look for in the event of a breach.
  6. Train users on sensitive information handling.
  7. Think like a criminal in order to catch one.
  8. Try to penetrate your own organization to see if your security defenses are up to par.

Strong cyberdefense means strong planning to mitigate the risks of a breach, strong support to help your organization fight against hackers, and a strong cup of coffee to keep your security vigilant around the clock.  After all, hackers never rest, so neither can your organization’s cyberdefense.
