For a long time, when an attacker set out to breach a company’s network, the process was a lot like a physical burglary. The attacker would research the target (i.e. ‘case the joint’), get in quickly and unnoticed, collect all of the valuables that he could easily sell, and possibly leave behind an open basement window or other way to return later and collect more loot.
Today, data breaches are rarely isolated incidents. As security scribe Brian Krebs notes in a recent blog , malware can quickly shift into a sustained problem for victim organizations, because cybercriminals are mining, testing and harvesting stolen data and holding it ransom for hefty fees. This increases the possibility of every employee within an organization becoming a weak spot in the security chain, as it’s never been easier for insiders to willingly (or accidentally) expose sensitive data . And unfortunately, many organizations increase their data security awareness, understanding and preparedness the hard way waiting until after they’ve suffered an expensive, complicated incident to take stock of their sensitive information and strategically protect it.
If your organization is monitoring data for industry compliance but falling short of auditing for security attacks and threats, it’s time to re-evaluate your approach. The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity , a reference for assessing security maturity, is a good place to start. NIST’s core functions of effective cybersecurity include:Identify Protect Detect Respond Recover
Covering every one of these bases includes not only planning for data recovery after a breach occurs, but also evaluating assets in a business environment, developing a risk management strategy, detecting suspicious user behavior and constantly analyzing to improve security. Failing to do so could leave your organization exposed to threats it wasn’t even aware it faced.
As Krebs explains: “Real and effective security is about going beyond compliance ― by focusing on rapidly detecting and responding to intrusions, and constantly doing that gap analysis to identify and shore up your organization’s weak spots before the bad guys can exploit them.”
What’s hiding in your data? Read seven true data security stories .