Five tips to build your data breach shield

by Kane Lightowler, Managing Director, Asia Pacific & Japan, Carbon Black

2016 has proved itself to be a prolific year for cybercrimes. Cyber criminals are leaving no stones unturned as we witness a number of high profile attacks on various sectors – healthcare, finance, media – just to name a few. The reality is in fact, much bleaker as millions of undetected and unreported cyber-attacks are happening on a daily basis. Yet, organizations and even governments, are turning a blind eye to these threats and are still relying on traditional methods of cybersecurity that were not designed to tackle the sophisticated threats present today.

Kane Lightowler, M.D, APAC, Japan, Carbon Black

The Australia Strategic Policy Institute reported that although cybercrime in the Asia Pacific region accounts for a significant proportion of global cybercrime, many developing economies still rely on rudimentary cyber capabilities and the support of foreign aid programmes. This may be surprising, but even more so, terrifying, as we ponder on these vulnerabilities and their potential consequences. According to the AT&T Cybersecurity Insights report in 2015, 64% of organizations acknowledged that they have been breached, and yet, only 34% of organizations believe they have an effective incident response plan.

Sure, there is no one size fits all when it comes to cybersecurity. However, there are some well tested guidelines and best practices that will keep any organization on the right track towards a comprehensive and robust cybersecurity infrastructure that is better primed to confront today's threat landscape.

1. Minimize customer data

Rule of thumb – if you don’t need the data, don’t collect it. As we interact with more Internet of Things (IoT) devices, the amount of data collected and stored increases exponentially. However, organizations should be selective of the type of data they collect from customers, so as to minimize damage should a breach occur.

2. Develop a strategy

Cybersecurity takes more than just an anti-virus (AV) software. To tackle the sophisticated threats present today, a multi-layered security infrastructure is essential in order to confront the adversaries from every angle.

Part of your strategy should include cost management – investing in the right mix of cybersecurity solutions for your organization. Currently, organizations are still investing heavily in traditional AV and network security. However, incumbent AV providers regularly miss critical malware threats, as reported by Gartner in its 2016 Magic Quadrant for Endpoint Protection Platforms. To close this critical security gap, organizations can look to next-generation anti-virus (NGAV) – an integral component of modern enterprise defense platforms. NGAV is characteristic in its ease of deployment and more importantly, its ability to stop not only run-of-the mill malware but also malware-less attacks – attacks that are file, memory or script-based, and leverage scripting languages and/or obfuscated malware. In 2015, 38% of incidents seen by Carbon Black partners were of such nature. Clearly, these are the real threats that organizations need to address today.

Moreover, with many companies adopting a bring your own device (BYOD) policy as well as increasing mobility in workplaces, network security (aka Firewalls) is no longer sufficient; once a device leaves the network perimeter, it is still vulnerable to attacks.

This is why today’s cyber security war is waged at the endpoint and by investing in Next Generation Endpoint Security (NGES) solutions, your devices are protected regardless of where you bring them.

3. Maintain real-time inventory and actionable intelligence

Millions of attack happen every single minute. This is why real-time surveillance is now critical for identifying and stopping attacks before they accomplish any real damage.

According to the Ponemon Institute, organizations take an average of 256 days to identify a breach and 100-120 days to response and mitigate, altogether costing the companies an average of USD$3.8mn per breach[4]. This can be easily addressed with a solution that can continuously scan, monitor and collect data from an organization’s endpoints, reducing detection and response time significantly.

By collecting detailed and actionable information on these security threats at a granular level, organizations can also attain a deeper level of insights on why and how a breach occurred, with the end goal of making it exponentially more difficult and expensive for attackers to do their work.

4. Conduct regular audits

Once a robust security infrastructure is in place, regular audits of security measures, especially connections commonly used as gateways for attacks should be carried out in order to access and re-evaluate if an update is needed.

Cybercriminals are constantly innovating and advancing their tactics of attacks. It would be foolhardy to assume that the technology of yesteryears is still effective against today’s threats.

5. Educate employees

When it comes to cybersecurity, the human is often the weakest link. Ensuring that all employees are clear on their role in data security and raising awareness on the types of threats goes a long way in closing any possible gaps in your cybersecurity infrastructure.