BreachExchange mailing list archives
Actions speak louder than TalkTalk: How to be Amazonian about cybercrime
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 15 Dec 2015 20:14:45 -0700
http://www.itproportal.com/2015/12/14/actions-speak-louder-than-talktalk-how-to-be-amazonian-about-cybercrime/

Cyberattacks are a reality of the modern world. Cybercriminals are well-organised and highly skilled, and the high-profile breaches over the past year have proved that any organisation can fall victim to hacking. But the cases of Amazon and TalkTalk also offer a stark lesson in the importance of an organisation’s reaction to a breach.

Recently, when Amazon users’ accounts were potentially compromised, the company immediately forced a reset of users’ passwords before informing those customers of the situation by email. By contrast, the TalkTalk hack was reported in the media before the company had made any announcement, leaving customers to read about the theft in the national papers. When faced with an attack, Amazon responded, while TalkTalk reacted. The subsequent negative impact on TalkTalk is clear, with both its reputation and share price damaged.

As a direct result of these high-profile hacks, public sensitivity to the uses of data by the organisations that hold it is growing – especially as security breaches can go beyond financial loss. Stolen personal data can result in identity theft, ruining an individual’s credit rating or leading to criminal acts carried out in their name. Beyond this, the exposure of a platform’s users might turn personal lives upside down, as was the case with Ashley Madison. As consumers become increasingly nervous about their personal data, they are less forgiving of organisations that appear to take a blasé approach to cybersecurity. Security breaches are now almost an inevitability of modern business, and organisations must decide how they will be seen to respond.

Keep it secret – keep it safe

Businesses are beginning to realise how widespread cybercrime is, but are frequently behaving reactively rather than proactively; a result of a failure to plan and adequately invest in cybersecurity strategies.
- To help businesses overcome this reluctance, the IT department must take the reins and force decision makers to consider the economic and reputational impact of an attack. As a starting point, companies should assess what portion of their data is most valuable and unique.
- They should then put a monetary value to this data, and from there calculate the budget that they will use to protect it. Connecting cybersecurity spend more closely to the real value of protection can help executives to commit to the spend levels needed.
- Additionally, to keep themselves ahead of hackers, businesses need an active security strategy that both protects access to and secures valuable data.
- The IT team must take steps to discover if and how data is at risk, and put in place security measures accordingly. For the most sensitive data, encryption will ensure that even if information is stolen, it is rendered useless. Failing to encrypt data was one of TalkTalk’s very public failings, leaving hackers with access to customers’ bank account numbers and sort codes.
- By contrast, in the attack on JD Wetherspoon, although the customer data was unencrypted, only the last four digits of account numbers were stored, so the information could not be used for fraud. The likelihood of breaches means it is necessary to both protect access to data, and secure the data itself.

Eternal vigilance

More often than not, security breaches are the direct result of human error. This might be a spam email that was inadvertently opened, a non-secure device used in the workplace or even a USB stick left on a train. Educating the workforce is a vital tool for cybersecurity teams in the fight to keep the business safe. In addition, as well as having a strategy in place, cybersecurity teams should continually look for flaws and vulnerabilities within their network. By becoming familiar with normal traffic, teams will be able to recognise anomalies and slow down any aggressors.
Weathering the cyberstorm

Given the rate at which cybercrime has matured and become its own industry, breaches are now inevitable. For this reason, businesses must not only protect themselves, but plan how to respond to a hacking. Initial measures might include resetting user passwords, as in the case of Amazon. But crucially, every response should include communication with any party who might be affected, which more often than not includes customers and partners. With a robust strategy in place, organisations can go public with confidence to explain the situation, the company’s response and the likely impact. A strong response to a cyberattack proves that a company takes its responsibilities seriously, and can preserve partner and customer confidence while protecting the business’ reputation.

With the recent spate of high-profile security breaches, consumers are becoming increasingly unforgiving of security breaches that expose them to hackers. The financial cost of a hack can be substantial, but damage to a business’ reputation can be even more costly. Both IT departments and business leaders need to accept the reality of cyberattacks and invest both money and time into cybersecurity. Otherwise, an attack could be fatal.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com
Supporters: Risk Based Security (http://www.riskbasedsecurity.com/)