By Ziften CEO Charles Leaver
For United States businesses, a major cyber attack and substantial data leak is looking more like a matter of “when” than “if”, because of the new dangers that come with fragmented endpoint techniques, cloud computing and data-intensive applications. All too frequently, organizations overlook or inadequately deal with vulnerabilities that are known to them, and when aging IT assets are not correctly protected, cyber criminals start to take notice.
The number of data breaches taking place is very disturbing. A report from the Verizon Risk Team counted 855 significant breaches in 2011, which led to 174 million records being lost. The stakes are high for businesses that handle personally identifiable information (PII): if staff members are not educated on compliance and inadequate endpoint data protection measures remain in place, costly legal action is likely to follow.
“The likelihood of a data breach or privacy concern taking place in any company has ended up being a virtual certainty,” Jeffrey Vagle, a legal expert posting for Mondaq, stated. He suggested that record keepers need to reconsider their approach to network and device security, staff member data access controls and the administration of PII. The rise in the use of cloud services can make data breaches harder to prevent, because these services make it possible to exchange enormous amounts of information at once. It would take only one incident for millions of files to be lost.
Known Vulnerabilities Need Focus
Many IT departments worry continually about zero-day attacks that will cause a data breach and catch them off guard. As an example, Dirk Smith of Network World posted about an Adobe Acrobat exploit that opened the door for hackers to carry out advanced surveillance. Many IT vulnerabilities arise when a software application is not patched up to date, and many zero-day threats stem from weaknesses in legacy code, including a bug in Windows that targeted features first introduced 20 years ago.
Security professional Jim Kennedy wrote in a Continuity Central post: “one thing that I have found is that many of the breaches and invasions which prospered did so by attacking known vulnerabilities that had been identified and had been around for several years: not from some sophisticated ‘zero-day’ attack which was unidentified and unknown until only yesterday by the security community at large.” “And, even more troubling, social engineering continues to be a most effective way to start and/precipitate an attack.”
Cyber criminals now have access to a comprehensive range of prepackaged malware. These tools can perform complex analysis of networks and computer systems and then recommend the optimal attack strategy. Another risk is a human one: workers who are not trained properly to screen calls or messages from individuals who falsely claim to be members of the technical support group of an external security supplier.
It is crucial to proactively resist zero-day attacks with robust endpoint protection software, but companies also need to combine effective training and processes with their software and hardware solutions. While the majority of companies have a variety of security policies in place, there is normally an issue with enforcing them. As a result, dangerous changes in the movement of data and network traffic, which security personnel should be evaluating, can be overlooked and left unaddressed.