BreachExchange mailing list archives

The data breach question: No longer “if” but “when”


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 23 Nov 2015 17:50:04 -0700

http://www.itproportal.com/2015/11/23/data-breach-question-no-longer-if-but-when/

If the increasingly frequent news of large-scale data breaches (i.e. Ashley
Madison, Target, Sony, etc.) has proven anything, it confirms that there’s
no longer a question of whether an organisation will be breached, but
rather when.

Companies need to know what to do to mitigate this risk and how to quickly
respond to contain the damage breaches like these cause when they do
happen. While executives, board members, consumers, employees, and partners
are all concerned about breaches, it’s only companies that are proactive in
building internal safeguards to minimise the impact of a breach that are in
a much better position to defend against their cost and damage.

It is clear that in recent times companies have made a mental shift
from relying on the prevention of breaches at the perimeter to ensuring
they have damage control and resiliency when one does occur. It no longer
seems to be a career-limiting move for a security professional to make a
statement such as “I know we are likely to be breached, I just don’t know
how.” What is career-limiting, however, is being exposed as unprepared and
ill-equipped to minimise the damage associated with a breach. This new
attitude is reshaping how organisations approach IT security.

The reality is that it’s next to impossible to predict and stop every
attack. In today’s digital world, users need access to a myriad of critical
systems, applications, and data in order to do their jobs. These assets not
only exist behind the corporate firewall, but the growing trend of SaaS
application adoption often means that they exist outside of the corporate
network, as well. Add the fact that the way users are accessing these
assets is becoming ever more diversified through the adoption of mobile
computing, and you have a very complex environment. The traditional network
perimeter is rapidly vanishing, so relying on a well-protected wall around
the corporate network is no longer a sufficient form of security.

One of the most encouraging signs of the change in attitude is that the
vast majority of organisations are recognising the need for visibility and
control over who has access to what for all application types, both in the
cloud and on-premise, independent of the device they are using for that
access. This is precisely what identity and access management does.

Putting an effective identity management solution at the center of their
security strategy allows organisations to quickly react to a breach, better
understand who and what is at risk and potentially shut down an attack from
spreading. So, while we should do what we can to protect against a breach,
there are definitive steps a company can take to increase its resiliency
and potentially reduce the negative impact of a breach when it does occur.

After all, it’s the severity of the data loss, not simply the fact that
it was breached, that will impact a company’s business, damage its brand
and ultimately, impact its bottom line.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 
