By Ziften CEO Chuck Leaver
For United States businesses, a significant cyber attack and substantial data leak is looking more like a matter of “when” than “if”, because of the new threats that come with fragmented endpoint strategies, cloud computing and data-intensive applications. All too frequently, organizations overlook or inadequately deal with vulnerabilities that are already known to them, and when aging IT assets are not appropriately secured, cyber criminals begin to take notice.
The number of data breaches that are occurring is very troubling. A report from the Verizon Risk Team counted 855 substantial breaches in 2011, which resulted in 174 million records being lost. The stakes are very high for companies that deal with personally identifiable information (PII), because if staff members are not educated on compliance and inadequate endpoint data security procedures remain in place, expensive legal action is likely to follow.
“The possibility of a data breach or privacy problem occurring in any company has actually ended up being a virtual certainty,” Jeffrey Vagle, a legal expert writing for Mondaq, stated. He suggested that record keepers have to reassess their approach to network and device security, worker data access controls and the administration of PII. The increase in the use of cloud services can make the prevention of data breaches more difficult, as these services make it possible to exchange information on a massive scale all the time. It would only take one occurrence and countless files could be lost.
Known Vulnerabilities Need Focus
A great deal of IT departments worry constantly about zero-day attacks that will cause a data breach and catch them off guard. As an example of this, Dirk Smith of Network World wrote about an Adobe Acrobat exploit that provided access for hackers to perform advanced monitoring. Many IT vulnerabilities arise when software is not kept patched, and many zero-day threats stem from weak points in legacy code, including a bug in Windows that targeted features first introduced twenty years earlier.
Security professional Jim Kennedy wrote in a Continuity Central post, “Something that I have actually discovered is that much of the breaches and intrusions which prospered did so by attacking recognized vulnerabilities that had actually been identified and had been around for many years: not from some advanced ‘zero-day’ attack which was unidentified and unknown up until only the other day by the security community at large.” “And, much more troubling, social engineering continues to be a most successful way to begin and/or precipitate an attack.”
Cyber criminals now have access to an extensive range of pre-packaged malware. These tools can perform complex analysis of networks and computer systems and then recommend the optimal attack strategy. Another danger is a human one, where staff members are not trained properly to screen out calls or messages from individuals who lie about being a member of the technical support group of an external security provider.
It is certainly very important to proactively defend against zero-day attacks with robust endpoint protection software, but companies also have to combine effective training and processes with their software and hardware solutions. While most companies will have a number of security policies in place, there is typically a problem with enforcing them. As a result, dangerous fluctuations in the movement of data and network traffic, which security personnel should be evaluating, can be overlooked and left unaddressed.