This post has actually been written by Chuck Leaver, Chief Executive Officer Ziften Technologies.
In a report it was revealed that breaches of consumer data means that there are increasingly more identity thefts being carried out nowadays. This is extremely worrying for all of us.
The report was carried out by the National Consumers League and it exposes that in the year 2013, around 33% of consumer data breaches resulted in identity fraud, and this means that the figure has tripled since the year 2010. This worrying rise can be explained by some clear reasons. Cyber lawbreakers are using a lot more advanced methods now and there is a lack of cyber attack laws that require companies to reveal when they have had an attack. To make matters worse there are few organizations using endpoint detection and response systems to protect their data. All this means that we are entering an environment where consumers are discovering that their data is continuously under attack by dishonest hackers.
John Breyault, who belongs to the National Consumers League, specified that cyber attack breach legislation like the one operating in California can assist with the minimization of breach reverberations by mandating the companies that have been attacked to rapidly get the word out.
He went on to state that after a breach prompt notice is required so that individuals can carry out a “harm analysis” once they know about an attack. This is everybody’s right and at the moment the type of problem that would set a notice in motion stays very broad.
Sadly, it is not just identification theft that is under the spotlight. Another report revealed that malware is now more widespread than it ever was.
Every Third Computer system Has A Malware Infection Revealed In A Report
The Anti Phishing Workers Group published a report specifying that malware was most likely to be present in as much as a third of the computer systems throughout the world by the last quarter of 2013. This is a considerable boost when compared with the previous quarter says Tech News World. The technical director of a security lab that investigates cyber attacks, Luis Corons, stated that brand-new malware strains are being developed at an incredibly rapid pace and that malware infections could rise even further.
He specified that the development of brand-new malware samples has just skyrocketed and it has doubled from the last quarter of 2013 to the very first quarter of 2014.
The findings of these 2 reports underlines the fact that there is no space for complacency in companies when it concerns security. Every organization needs to sure up its endpoint detection and response systems or deal with the fact that a cyber attack is significantly more likely to be coming their way.
With malware ending up being more stealth and the fines that enterprises face when they suffer a breach from it makes the case for executing endpoint detection and response systems even more critical than it was in the past. Without the best defenses in place there is not only the danger of a significant cyber attack, but also fines and suits that can be really harmful to a business. If an enterprise thinks that it is insusceptible to cyber attacks then they are being conceited and ignorant. The cyber criminals out there are making their attacks almost undetected these days.
Serious Malware Threat Now Averting Detection
Embedding a secret message into something unexpected is called steganography and is not something new that has actually shown up with the Internet. In the 1600’s, Gaspar Schott developed a book which described how a secret message could be hidden in a musical score and that this could be decrypted by those that knew about it. The technique used was the notes on the score would represent a letter of the alphabet and for that reason the message could be checked out.
This practice has some stressing ramifications as it supplies a nearly sure-fire method of concealing info that should not exist. Cyber wrongdoers have been using steganography for several years now. It was reported in a Federal Plan Cyber Security which was released by the National Science and Technology Council in 2006, that steganography represents a specifically devious method for terrorists to infiltrate U.S. systems.
The report stated that these tools are economical and widespread making steganography an enabling technology for the foes of the U.S.
These days cyber security attacks are widespread and hackers are leveraging steganography to perform attacks that are nearly undetectable and really sophisticated. In a paper on the threats of steganography, it was specified that there is momentum gathering in its use among cyber criminals who can utilize the method to breach networks without detection. The report went on to state that Internet based steganography has become a lot more advanced and will only end up being more so in the years to come.
While steganography does pose a big hazard it can be alleviated by executing an endpoint detection and response system. This system will carefully see all locations where a cyber lawbreaker might gain access and it is recommended that organizations take this important action.
The Penalties Are High For Organizations That Are Exposed To A Malicious Breach
The risk of a steganographic attack need to definitely suffice for you to execute an endpoint detection and response system but if it isn’t then the substantial fines that your organization can be confronted with for a breach needs to be. Any organization is susceptible to attacks and fines. As an example of this the Women and Infant Hospital in Providence, Rhode Island, needed to pay $150,000 as a result of a cyber attack which saw the information of 12,000 individuals jeopardized. The Modesto Bee stated that the data that the health center lost consisted of Social Security numbers, dates of birth as well as ultrasound images.
The corporate world can also suffer at the hands of a malicious breach. eBay faced a law suit from a consumer in Louisiana after they were infiltrated according to Computerworld. Colin Green, who filed the law suit, is not alone in being discontented and represents millions of people who were not happy that their personal data was exposed when the cyber attack happened at eBay. The potential fines and law suits make the investment in a tested endpoint detection and response system really worthwhile.
From The Desk Of Chuck Leaver Ziften CEO
A business suffers a cyber attack. The system administrators discover the attack, they would like to know more about it, they send their IT team to try and stem the attack and recuperate lost data. This is exactly what happens after numerous companies have been breached, however then business typically cannot take the next important action: the proactive informing of their consumers that they have actually experienced a cyber attack. There have been many cases where it has been difficult to get a business to reach out to its consumers and it takes a lot more time and threat than it ought to do.
There is a tendency now that business that have actually been breached simply do not want to inform those that have been impacted by the attack– their consumers– that the attack took place according to the Portland Press Herald. The factor that businesses do not wish to tell their consumers is completely self-centered. They are concerned that the track record of their company will be damaged if they tell the world about the attack so they constantly want to keep this news in house. Both Target and Neiman Marcus did this and waited far too long to tell their consumers that they had actually been victims of a cyber attack.
It Is Simply Disadvantageous To Keep Cyber Attack News Far from Your Consumers
It is totally careless to keep back on informing your clients about a cyber attack and it can likewise work against you. If there is a long gap between the attack occurring and businesses admitting that it took place then it can appear that the business is being dishonest and is not competent to safeguard consumer data. Regardless of this, businesses that have experienced an attack continue to withhold this info from their customers. JP Morgan Chase was an example where there was a delay of around 4 months before they told their clients that they had suffered a significant cyber attack. U.S. Public Interest Research Group consumer program director, Ed Mierzwinski, said there is a lot of work to do when it pertains to informing clients that a breach has actually occurred.
He said that clearing your name was a “nuisance”. He likewise said that it takes a lot of time and the business does not get paid for doing this.
In spite of the time and effort involved, it is essential that businesses embrace a complete recovery procedure and that they inform their clients about the cyber attack every step of the way. If the idea of telling your clients that you have been attacked does not appeal then you can avoid attacks from occurring in the first place. If a stringent endpoint detection and response system is implemented then a company can safeguard their network and be sure that they will not suffer from a cyber attack and put their client data at risk.
CEO Ziften Technologies Chuck Leaver.
Companies ought to be taking every possible step to safeguard their infrastructure with the existing threat of cyber security attacks and it is fascinating that they are not doing this. Their information is crucial to them however they are taking no action. Writing for bobsguide, guest poster Torgny Gunnarsson– who operates a company that provide data solutions – made the point that at a time when all companies are always attempting to take advantage of brand-new technology, they seem to be reluctant to put the protective procedures in place, such as endpoint detection and response. While it excellent that businesses are utilizing the latest technology, they are at the very same time becoming susceptible to a new world of risks which include information loss, breaches of passwords and ransomware.
Some of these businesses may not truly be aware of the risk of cyber security and virtual criminal activity, after they are hit with this problem there will be a number of consequences to this. Gunnarson makes reference to attacks on Target and Adobe in his writing and states that these were examples of shortfalls in security which led to big financial losses. With the Adobe attack there was a loss of 38 million users. Informing 38 million users about this would definitely come at a high price states Data Breach Insurance, then there are the costs of recovering the situation on top of that. Reuters mentioned that Target needed to pay more than $60 million as a result of the information breach, and also suffered with a loss of business because of the cyber attack.
You would think that these kinds of high profile losses would have all companies rushing out to secure themselves with an endpoint detection and response system and take any other steps that they might to prevent cyber criminal activity. However the reality is different and lots of companies think that there is no chance that their infrastructure will ever be under attack. This is an extremely risky strategy and very short sighted in this existing environment of cyber attacks.
Secure Your Company Now With These Actions
It is an overwhelming possibility to believe that there are a variety of cyber lawbreakers who wish to access your information. You do not have to be the next victim of this just because there are a lot of hackers out there. By taking these steps listed below you will make a substantial effect on keeping hackers away from your infrastructure:
1. You should implement an endpoint detection and response system. Absolutely nothing else is more vital when it pertains to protecting your company from a cyber attack. When you implement enterprise endpoints you will have the comfort that there will be no attempted attacks on your network without you knowing it.
2. You have to make sure all of your staff members are aware of the danger of cyber security. Don’t simply leave it to your IT group to be up to date with the current cyber security risks. You should comprehend that a cyber attack can be launched from absolutely anywhere in the world and these hackers can target any company. When you keep your employees up to date about these cyber dangers you include another level of protection by ensuring that employees practice safe computing and do everything humanly possible to keep the hackers out.
3. You have to constantly monitor security. It must be a top priority to look after your cyber security so ensure that it is. Be sure that your endpoint detection software is up to date and put cyber security on the program at every conference. There is no place for laziness with cyber security.
Ziften Technologies are based in Austin, Texas, and Chuck Leaver is the CEO.
This video from the Commonwealth Club includes Steve Blank and he goes over how it is possible to construct a fantastic company step by step.
There is no doubt that Steve is an intelligent man and his funny bone is great. His company insights are extremely valued and there are numerous points that he made that I agree with:
He stated in the video that “there is absolutely nothing that you can find out inside your very own building so you have to get out of it!” Steve declared that this was a lesson that business in Silicon Valley had to find out the hard way. Now at Ziften we make sure that we visit our potential customers and clients on a weekly basis. Our company is young however the crucial execs and I understand that we need to understand and be reasonable about the market and show this in our company design. When we know what the market needs we can really add worth.
We constantly put our consumers first and continue to pay attention to them. In the video Steve points out how difficult it is for business owners to pay attention to their clients rather than attempting to force their viewpoint on the marketplace. What we likewise do at Ziften is to encourage our people to listen prior to speaking. When we are talking to our potential customers and consumers we have to understand that they care a lot more about how we can resolve their issues rather than pay attention to how creative we are.
Steve makes another good point in the video when he speaks about how innovation is perceived in the United States compared to the rest of the world. The thinking in the U.S.A is right when it comes to our attitudes towards failing. Anybody is motivated to learn from failure, and these will turn these individuals into knowledgeable executives who can actually influence and include a lot of worth to a new company. It is essential that there should be no fear of failure due to the fact that this will suppress development.
I constantly convince individuals that work for us to take risks with no fear of a comeback. I totally believe that this is pushing us closer to our objective of closing the space between enterprise client security and security technology and we are arriving rapidly. This is a substantial change and we are truly near our objective.