Five tips to build your data breach shield by Kane Lightowler, Managing Director, Asia Pacific & Japan, Carbon Black
2016 has proved itself to be a prolific year for cybercrimes. Cyber criminals are leaving no stones unturned as we witness a number of high profile attacks on various sectors – healthcare, finance, media – just to name a few. The reality is in fact, much bleaker as millions of undetected and unreported cyber-attacks are happening on a daily basis. Yet, organizations and even governments, are turning a blind eye to these threats and are still relying on traditional methods of cybersecurity that were not designed to tackle the sophisticated threats present today.
The Australia Strategic Policy Institute reported that although cybercrime in the Asia Pacific region accounts for a significant proportion of global cybercrime, many developing economies still rely on rudimentary cyber capabilities and the support of foreign aid programmes. This may be surprising, but even more so, terrifying, as we ponder on these vulnerabilities and their potential consequences. According to the AT&T Cybersecurity Insights report in 2015, 64% of organizations acknowledged that they have been breached, and yet, only 34% of organizations believe they have an effective incident response plan.
Sure, there is no one size fits all when it comes to cybersecurity. However, there are some well tested guidelines and best practices that will keep any organization on the right track towards a comprehensive and robust cybersecurity infrastructure that is better primed to confront today's threat landscape.
3. Maintain real-time inventory and actionable intelligence
Millions of attack happen every single minute. This is why real-time surveillance is now critical for identifying and stopping attacks before they accomplish any real damage.
According to the Ponemon Institute, organizations take an average of 256 days to identify a breach and 100-120 days to response and mitigate, altogether costing the companies an average of USD$3.8mn per breach. This can be easily addressed with a solution that can continuously scan, monitor and collect data from an organization’s endpoints, reducing detection and response time significantly.
By collecting detailed and actionable information on these security threats at a granular level, organizations can also attain a deeper level of insights on why and how a breach occurred, with the end goal of making it exponentially more difficult and expensive for attackers to do their work.
4. Conduct regular audits
Once a robust security infrastructure is in place, regular audits of security measures, especially connections commonly used as gateways for attacks should be carried out in order to access and re-evaluate if an update is needed.
Cybercriminals are constantly innovating and advancing their tactics of attacks. It would be foolhardy to assume that the technology of yesteryears is still effective against today’s threats.
5. Educate employees
When it comes to cybersecurity, the human is often the weakest link. Ensuring that all employees are clear on their role in data security and raising awareness on the types of threats goes a long way in closing any possible gaps in your cybersecurity infrastructure.