The Accenture Security team recently published an amazing whitepaper on Data Centric Security. Considering the number of breaches that corporates and businesses have to deal with, it’s no surprise that technology companies are starting to clamp down on cybersecurity. Protecting your customers and your data is no easy task. In recent years:
1. More than 140 million customer records were leaked from a leading credit reporting agency.
2. Half a billion user accounts were compromised at a leading Internet service provider.
3. 80 million patient and employee records were breached at a health insurer.
4. More than 50 million credit card accounts were compromised at a leading retailer.
And this is just the tip of the iceberg. But how many more ships must sink, and data get lost due to poor security? Let’s talk about getting your data protection fundamentals in order to ensure that your customer’s private data is in safe hands, your hands.
How data breaches hurt you
There are three major occurrences during a data breach:
1. Data breaches are costly: Given the above examples, the estimates put in financial losses from a severe data breach is in the tens or hundreds of millions of dollars. The average data breach can cost an organization USD 11.7 million, which is frightening!
2. Data breaches can potentially cost lives: Whether it is the Intelligence community, healthcare, energy or chemicals, data breaches have real-world consequences affecting people’s lives.
3. Data breaches occur due to multiple failures: There are multiple points of failure. For hackers to leak millions of customer records, generally multiple breaches have occurred over a long period of time – days, weeks or months!
Manning the cyber forts
There are many practices an organization can adopt to prevent breaches and loss of data. Depending on how large your organization is and how much your security budget is, there are a ton of things you can do to have better security:
1. Protect high-value assets – While this is obvious, protecting high-value assets should be the first priority for your security team. Sometimes adopting the attacker’s mindset can give your team the perspective they need while designing and executing a threat and vulnerability program. Adding multiple techniques such as encryption, tokenization, micro-segmentation, privilege and digital rights management can fortify your high-value assets making breaches longer and harder to execute.
2. People make mistakes – Securing your data is one thing, but if you allow human error to creep into your processes, then all that security will go to waste. Monitoring who will have access to what data is almost as important as encrypting everything. Monitor continuously for unauthorized access and assign roles to limit access. Proper micro-segmentation in your access control can allow users with access to see what they have to see by obscuring the rest they need not. By doing this, if a user’s credentials are compromised, only a segment of the data is exposed. This makes leaking large amounts of data harder.
3. Network enclaves make good walls – In the digital world, the lines between your walls and the outside world could get blurred. The perimeter is now an abstract concept that moves fluidly between the cloud, the field and the control rooms. Creating enclaves or environments where you can monitor the traffic of users and behaviors of applications can stall an attacker’s maneuverability. When the perimeter is compromised, the enclaves remain safe, and these partitions could prevent further damage.
4. Release the hunting programs! – Don’t be complacent because your attackers will not. Regularly have hunting programs scan for vulnerabilities and adopt a continuous response model. Always assume you’ve been breached and use your threat hunting teams to look for the next breach.
“Winter is coming… “
Always prepare for the worst. When you transform your incident response plan into a crisis management plan you are better ready for the storm. Have legal and corporate communications teams on standby so that they may take action in a heartbeat. Many technology companies these days run crisis drills to ensure teams are able to function despite losing basic functionalities like email, VOIP, and other means of communication. If Google does it, it can’t be a bad idea!