Pop! Goes the weasel hacker into your customer database

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.bizjournals.com/phoenix/blog/business/2015/02/pop-goes-the-weasel-hacker-into-your-customer.html

Oh, yes, you have up-to-date antivirus and anti-malware protection in your
servers, tablets, laptops, and you have firewalls. Feel safe? Think again.
The question is not if an adept, malevolent hacker will breach your system.
The question is when. And then what will you do? Pray.

Or, you can install the newest methods of instant response to even a hint
of a potential or an actual breach. Call it automated cyber security
operations and incident response. And then in real-time these new systems
and your cyber response team can take instant action to thwart and mitigate
potentially massive damage to your business and your customers.

The first installations have begun in major corporations and in government
organizations.

What went wrong when…

Target Corp. experienced a well-known breach that did significant damage to
a good U.S. company - huge costs, loss of customer data, loss of business,
and large collateral damage in the press. Target had conventional breach
prevention measures in place, but it happened anyway. Estimated overall
costs now exceed several hundred million dollars.

Sony was hit twice with significant breaches that damaged its reputation
and loaded it with enormous costs estimated at several hundred million
dollars.

Here's a long list of 2014 breaches in well known U.S. corporations alone.

This is a list of only the commercial business community. Other lists of
breaches in U.S. government organizations are equally mind breaking.

> From reactive to proactive

Assume that you will eventually be hit with a serious breach, no matter
what protective measures you have taken. If you already have your internal
cyber security response team in place, good. If not, bad. Go hire a strong
team quickly – and with a great leader.

Then, make very certain that you have the very best anti-virus,
anti-malware, firewalls, and other critical components in place. Either
your own cyber response team can do this, or you can contract with outside
experts to help.

Finally, start looking for the very best incident response and automated
security operations software system. It should integrate at least three
critical functions:

Incident Response - informs and marshals your internal security operations
teams around a potential or real breach to stop or mitigate economic and
other damage.

Vulnerability Management – a process of remediating vulnerabilities based
upon your system assets, such as servers, peripherals, laptops, phones,
tablets, and more.

Threat Management - provides your system with access to a database of
125,000,000 known malware samples and viral threats to help isolate the
characteristics of a breach.

By the way, this database has been created by the Georgia Institute of
Technology and is expanding at the rate 1,000,000 new entries per day. Do
you think we have a problem, Houston?

Breach cost escalation

The longer a breach persists, the more it grows and the more damage it
causes. At some point, your customer databases may be copied without you
knowing it. Once that has happened, the economic and collateral damage have
skyrocketed and it is literally too late. There is no hope.

So, dig deeper and find out more about the new advanced systems that
respond instantly and robustly to potential and real intrusions. Now there
is hope.

The bottom line

Get smart. Arm yourself with an expert cyber team to help disarm breaches
when they happen. Mobilize them with the newest security operations
automation that integrates vulnerability management, incident management,
and threat management. Stop digital damage instantly. Trap the weasel
hacker.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!