By Ziften CEO Chuck Leaver
For US businesses, a major cyber attack and substantial data leak is looking more like a matter of “when” than “if”, because of the new risks presented by fragmented endpoint strategies, cloud computing and data extensive applications. All too frequently, companies ignore or improperly deal with vulnerabilities that are known to them, and when aging IT assets are not properly secured, cyber criminals begin to take notice.
The number of data breaches that are occurring is really disturbing. A report from the Verizon Risk Team counted 855 substantial breaches in 2011, which led to 174 million records being lost. The stakes are really high for businesses that deal with personally identifiable information (PII): if employees are not educated on compliance and endpoint data defense measures are inadequate, costly legal action is likely to follow.
“The likelihood of a data breach or privacy concern happening in any business has become a virtual certainty,” wrote Jeffrey Vagle, a legal expert writing for Mondaq. He recommended that record keepers reconsider their approach to network and device security, worker data access controls and the administration of PII. The increased use of cloud services can make preventing data breaches more challenging, as these services make it possible to exchange massive amounts of information at a time. It would take only one incident for countless files to be lost.
Known Vulnerabilities Require Focus
Many IT departments worry constantly about zero-day attacks that will catch them off guard and cause a data breach. As an example, Dirk Smith of Network World wrote about an Adobe Acrobat exploit that gave hackers access to carry out advanced surveillance. Many IT vulnerabilities arise when software is not patched up to date, and many zero-day threats stem from weak points in legacy code, including a bug in Windows which targeted features that were first introduced 20 years ago.
Security expert Jim Kennedy wrote in a Continuity Central post, “One thing that I have found is that a lot of the breaches and invasions which were successful did so by attacking recognized vulnerabilities that had actually been identified and had actually been around for several years: not from some advanced ‘zero-day’ attack which was unidentified and unknown up until only yesterday by the security community at large.” “And, much more disturbing, social engineering continues to be a most effective method to start and/precipitate an attack.”
Cyber criminals now have access to a comprehensive range of pre-packaged malware. These tools can perform complex network and computer analysis and then suggest the ideal attack method. Another risk is a human one, where staff members are not trained properly to screen out calls or messages from people who falsely claim to be members of the technical support team of an external security supplier.
It is certainly extremely important to proactively resist zero-day attacks with robust endpoint protection software, but companies also need to combine effective training and processes with their hardware and software solutions. While most companies have a number of security policies in place, there is normally a problem with enforcing them. As a result, dangerous fluctuations in the movement of data and network traffic, which should be examined by security personnel, are ignored and not dealt with.