BreachExchange mailing list archives

Actions speak louder than TalkTalk: How to be Amazonian about cybercrime


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 15 Dec 2015 20:14:45 -0700

http://www.itproportal.com/2015/12/14/actions-speak-louder-than-talktalk-how-to-be-amazonian-about-cybercrime/

Cyberattacks are a reality of the modern world. Cybercriminals are
well-organised and highly skilled, and the high profile breaches over the
past year have proved that any organisation can fall victim to hacking. But
the cases of Amazon and TalkTalk also offer a stark lesson in the
importance of an organisation’s reaction to a breach.

Recently, when Amazon users’ accounts were potentially compromised, the
company immediately instigated a forced reset of users’ passwords before
informing those customers of the situation by email. By contrast, the
TalkTalk hack was reported in the media before the company had made any
announcement, leaving customers to read about the theft in the national
papers. When faced with an attack, Amazon responded, while TalkTalk
reacted. The subsequent negative impact on TalkTalk is clear, with both its
reputation and share price damaged.

As a direct result of these high-profile hacks, public sensitivity to the
uses of data, by the organisations that hold it, is growing – especially as
security breaches can go beyond financial loss. Stolen personal data can
result in identity theft, ruining an individual’s credit rating or leading
to criminal acts carried out in their name. Beyond this, the exposure of a
platform’s users might turn personal lives upside down, as was the case
with Ashley Madison.

As consumers become increasingly nervous about their personal data, they
are less forgiving of organisations that appear to take a blasé approach to
cybersecurity. Security breaches are now almost an inevitability of modern
business, and organisations must decide how they will be seen to respond.

Keep it secret – keep it safe

Businesses are beginning to realise how widespread cybercrime is, but are
frequently behaving reactively rather than proactively; a result of a
failure to plan and adequately invest in cybersecurity strategies.

- To help businesses overcome this reluctance, the IT department must take
the reins and force decision makers to consider the economic and
reputational impact of an attack. As a starting point, companies should
assess what portion of their data is most valuable and unique.
- They should then put a monetary value to this data, and from there
calculate the budget that they will use to protect it. Connecting
cybersecurity spend more closely to the real value of protection can help
executives to commit to the spend levels needed.
- Additionally, to keep themselves ahead of hackers, businesses need an
active security strategy that both protects access to and secures valuable
data.
- The IT team must take steps to discover if and how data is at risk, and
put in place security measures accordingly. For the most sensitive data,
encryption will ensure that even if information is stolen, it is rendered
useless. Failing to encrypt data was one of TalkTalk’s very public
failings, leaving hackers with access to customers’ bank account numbers
and sort codes.
- By contrast, in the attack on JD Wetherspoon, although the customer data
was unencrypted, only the last four digits of account numbers were stored,
so the information could not be used for fraud. The likelihood of breaches
means it is necessary to both protect access to data, and secure the data
itself.

Eternal vigilance

More often than not, security breaches are the direct result of human
error. This might be a SPAM email that was inadvertently opened, a
non-secure device used in the workplace or even a USB stick left on a
train. Educating the workforce is a vital tool for cybersecurity teams in
the fight to keep the business safe. In addition, as well as having a
strategy in place, cybersecurity teams should continually look for flaws
and vulnerabilities within their network. By becoming familiar with normal
traffic, teams will be able to recognise anomalies and slow down any
aggressors.

Weathering the cyberstorm

Given the rate at which cybercrime has matured and become its own industry,
breaches are now inevitable. For this reason, businesses must not only
protect themselves, but plan how to respond to a hacking. Initial measures
might include resetting user passwords, as in the case of Amazon. But
crucially, every response should include communication with any party who
might be affected, which more often than not includes customers and
partners. With a robust strategy in place, organisations can go public with
confidence to explain the situation, the company’s response and the likely
impact. A strong response to a cyberattack proves that a company takes its
responsibilities seriously, and can preserve partner and customer
confidence while protecting the business’ reputation.

With the recent spate of high profile security breaches, consumers are
becoming increasingly unforgiving of security breaches that expose them to
hackers. The financial cost of a hack can be substantial, but damage to a
business’ reputation can be even more costly. Both IT departments and
business leaders need to accept the reality of cyberattacks and invest both
money and time into cybersecurity. Otherwise, an attack could be fatal.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
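The "Keep it secret – keep it safe" section above contrasts TalkTalk (bank account numbers and sort codes stored in the clear) with JD Wetherspoon (only the last four digits stored). The following is an added example, not code from the article, the list poster or either company, showing both controls together in Go: the full account number is encrypted at rest with AES-GCM under a key that is never stored beside the data, the ciphertext is bound to the customer identifier so rows cannot be swapped, and only the last four digits are kept in the clear for display. The record layout, customer identifiers and account numbers are all hypothetical, and the key in `main` stands in for one that would in practice be fetched from a key management service.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

// StoredAccount is the hypothetical row that lives in the customer database.
// A copy of this table without the key yields only the last four digits.
type StoredAccount struct {
	Customer      string // constructed customer identifier, used as AEAD associated data
	AccountLast4  string // safe to keep in clear for display and support matching
	AccountCipher []byte // nonce || AES-GCM ciphertext of the full account number
}

// Protect encrypts the full account number and keeps only its last four
// digits in the clear. key must be 16, 24 or 32 bytes (AES-128/192/256).
func Protect(key []byte, customer, account string) (StoredAccount, error) {
	if len(account) < 4 {
		return StoredAccount{}, errors.New("account number too short")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return StoredAccount{}, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return StoredAccount{}, err
	}
	// A fresh random nonce per record; reusing a nonce under one GCM key
	// breaks both confidentiality and integrity.
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return StoredAccount{}, err
	}
	// The customer identifier is authenticated (not encrypted) so that a
	// ciphertext moved to another customer's row fails to decrypt.
	ct := gcm.Seal(nonce, nonce, []byte(account), []byte(customer))
	return StoredAccount{
		Customer:      customer,
		AccountLast4:  account[len(account)-4:],
		AccountCipher: ct,
	}, nil
}

// Reveal decrypts a stored record. It fails on the wrong key, on a
// tampered ciphertext, or when the row's customer identifier was changed.
func Reveal(key []byte, rec StoredAccount) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return "", err
	}
	ns := gcm.NonceSize()
	if len(rec.AccountCipher) < ns {
		return "", errors.New("ciphertext too short")
	}
	nonce, ct := rec.AccountCipher[:ns], rec.AccountCipher[ns:]
	pt, err := gcm.Open(nil, nonce, ct, []byte(rec.Customer))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

// DumpView renders what someone who copies the table, but not the key,
// actually sees for one row.
func DumpView(rec StoredAccount) string {
	return fmt.Sprintf("%s last4=%s cipher=%s",
		rec.Customer, rec.AccountLast4, hex.EncodeToString(rec.AccountCipher))
}

func main() {
	// Stand-in for a key held in a KMS/HSM, never in the same store as the rows.
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		panic(err)
	}
	rec, err := Protect(key, "cust-0001", "12345678") // constructed sample data
	if err != nil {
		panic(err)
	}
	fmt.Println("stolen row:", DumpView(rec))
	acct, _ := Reveal(key, rec)
	fmt.Println("with key:  ", acct)
	wrongKey := make([]byte, 32)
	if _, err := Reveal(wrongKey, rec); err != nil {
		fmt.Println("without key:", err)
	}
}
```

The split matters for the breach scenario the article describes: an attacker who exfiltrates the table gets customer identifiers, last-four digits and opaque ciphertext, and can only recover account numbers by also compromising the separately held key.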