The
Accenture Security team recently published an amazing whitepaper on Data
Centric Security. hackerslist.co
considering the number of breaches that corporates and businesses have to deal
with, it's no surprise that technology companies are starting to clamp down on
cybersecurity. Protecting your customers and your data is no easy task. In
recent years:
1.
More than 140 million customer records were leaked from a leading credit
reporting agency.
2.
Half a billion user accounts were compromised at a leading Internet service
provider.
3.
80 million patient and employee records were breached at a health insurer.
4.
More than 50 million credit card accounts were compromised at a leading
retailer.
How data breaches hurt you
There are three major
occurrences during a data breach:
1.
Data breaches are costly: Given the above examples, the estimates put in
financial losses from a severe data breach is in the tens or hundreds of
millions of dollars. The average data breach can cost an organization USD 11.7
million, which is frightening!
2.
Data breaches can potentially cost lives: Whether it is the Intelligence
community, healthcare, energy or chemicals, data breaches have real-world
consequences affecting people's lives.
3.
Data breaches occur due to multiple failures: There are multiple points of
failure. For hackers to leak millions of customer records, generally multiple
breaches have occurred over a long period of time - days, weeks or months!
Manning the cyber forts
There
are many practices an organization can adopt to prevent breaches and loss of
data. Depending on how large your organization is and how much your security
budget is, there are a ton of things you can do to have better security:
1.
Protect high-value assets - While this is obvious, protecting high-value assets
should be the first priority for your security team. Sometimes adopting the
attacker's mindset can give your team the perspective they need while designing
and executing a threat and vulnerability program. hackerslist.co adding multiple techniques such as encryption,
tokenization, micro-segmentation, privilege and digital rights management can
fortify your high-value assets making breaches longer and harder to execute.
2.
People make mistakes - Securing your data is one thing, but if you allow human
error to creep into your processes, then all that security will go to waste.
Monitoring who will have access to what data is almost as important as
encrypting everything. Monitor continuously for unauthorized access and assign
roles to limit access. Proper micro-segmentation in your access control can
allow users with access to see what they have to see by obscuring the rest they
need not. By doing this, if a user's credentials are compromised, only a segment
of the data is exposed. This makes leaking large amounts of data harder.
3.
Network enclaves make good walls - In the digital world, the lines between your
walls and the outside world could get blurred. The perimeter is now an abstract
concept that moves fluidly between the cloud, the field and the control rooms.
Creating enclaves or environments where you can monitor the traffic of users
and behaviors of applications can stall an attacker's maneuverability. When the
perimeter is compromised, the enclaves remain safe, and these partitions could
prevent further damage.
4.
Release the hunting programs! - Don't be complacent because your attackers will
not. Regularly have hunting programs scan for vulnerabilities and adopt a
continuous response model. Always assume you've been breached and use your
threat hunting teams to look for the next breach.
No comments:
Post a Comment