The rising frequency of widely exposed data breaches is sparking a change in the attitudes of business leaders and consumers when it comes to cyber security. Board members and C-suite executives can no longer ignore the drastic impact a data breach has on company reputation.
Data breaches have almost become a daily occurrence. According to the 2016 Internet Security Threat Report (ISTR), the number of publicly disclosed data breaches has risen steadily over the last few years to reach 318 in 2015. That’s almost one data breach per day. Additionally, the largest data breach ever publicly reported occurred last year, with 191 million records compromised in a single incident. While 429 million identities were exposed, the number of companies that chose not to report the number of records lost jumped by 85 percent. Symantec research highlights that India continues to be a top source as well as destination of cyber-attacks.
Cybercriminals are making a tactical shift where they are now infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them. In such times, organizations that know their adversaries, while being aware of their own strengths and vulnerabilities, stand a better chance in the ongoing cyber security. Enterprises should implement an Advanced Threat Protection (ATP) solution that is capable of correlating suspicious activity across all control points and prioritizing the events that pose the most risk to an organization.
Unfortunately, there is no single thing an organization can do to protect itself and its customers’ data from a breach. There are, however, a number of things that, when combined, work together in limiting the damage to an organisation. So, what can companies do to better protect themselves and their customers’ sensitive data from security threats?
Understand your data – Anywhere, anytime access to data demands an understanding of the data. It is important to understand what data is important, who should have access to it, and to what degree. This limits the accessibility of information, thus limiting the possibility of threats via weaker or unknown sources.
Protect all devices, both on and off-premise – Use active monitoring and configuration management to maintain an up-to-date inventory of devices connected to the enterprise network. This includes servers, workstations, laptops and remote devices.
Be agile – The process of uncovering threats across endpoint, network and email gateways is manual and time-consuming, which gives attackers an edge. To keep the impact to a minimum, it is important to report a threat as early as possible. If a device is compromised, security professionals may consider revoking the issued certificates or changing passwords. Organizations should opt for security products that can provide administrators with the visibility and “rich” intelligence required to uncover and remediate advanced attacks.
Prepare for a breach – Keep your security vendor contact information handy, know who you will call, and what steps you will take if you have one or more infected systems. Ensure that a backup-and-restore solution is in place in order to restore lost or compromised data in the event of a successful attack or catastrophic data loss. Make use of post-infection detection capabilities from web gateways, endpoint security solutions and firewalls to identify compromised systems. Isolate compromised systems to prevent the risk of further infection within the organization, and restore using trusted backup media. If network services are compromised by an exploit, malicious code or some other threat, disable or block access to those services until a patch is applied and the services are restored.
Be smart with your security investments – Businesses today do not want to deploy multiple solutions to protect each endpoint. For business benefits, they should rather deploy solutions that integrate with existing infrastructure. Solutions like Symantec Advanced Threat Protection (ATP) leverage existing threat protection infrastructure, helping companies to achieve an effective data protection regime without the expense and implementation issues from vendors. Symantec Advanced Threat Protection (ATP) is the first solution that will allow enterprises to uncover, prioritize and remediate advanced threats and zero-day attacks fast, all without adding any new endpoint agents to prevent these threats.
To avoid becoming a victim of a data breach, businesses should carry out regular security audits and employ defense-in-depth strategies that can detect and prevent intrusion attempts. Employing encryption can prevent attackers from siphoning off sensitive information that is in transit, while data loss protection solutions can prevent the exfiltration of data if an attacker manages to make it into the internal network. Regardless of the extent of damage, every data breach is a serious incident and Symantec’s ATP plays a significant part in tackling our industry’s toughest security challenges.
This article has been written by Mr. Atul Anchan- Director- Systems Engineering, India, Symantec....