Published: Jul 21, 2017
Author: Joan Ross

Managing Principal, Cybersecurity “Attacks against our business infrastructure continue, and we need to get better at security defense” was the prominent theme of RSA Conference 2016. Global security experts gathered to review, present and discuss the ways successful exfiltration of sensitive data is continuing to occur.  The human element as a weakness remains prominent in these breaches, with insiders frequently lured by external forces including malicious software, falling behind in their software patching and hardware upgrades, mismanagement of credentials, executives failing to invest in evolving their security strategy or detection technology, and teams simply being overtasked in their security duties while quality experts are in short supply were all repeated observances this last week.  Focused training is imperative, along with more decisive determinations in quality technology and heightened process. But how will the industry really get ahead of successful breaches and attacks after such a challenging year? The reality of coordinated, focused state-sponsored teams does not suffer from the same maladies as the organizations they target and attack.  They are paid, focused and united in their goal of finding data that can be used for their gain, re-sold, and exploited again. Your business and customer information in their hands has value, and they will monetize and wring out of it every dollar, every notable compromise, possible.  Mature security organizations will set the example this year by getting ahead of attack methods by using advanced analytics – effectively separating the noise from the target. CISOs need to examine where they are currently performing well in their risk management and answer these questions to best evaluate their current security posture. How does your organization and industry compare against the DBIR nefarious nine?

• CICOs must be able to evaluate and benchmark their organization against the nine most common attack categories. Empirical research data shows that ninety-six percent of breaches occur from these nine most common areas and industry.

What IT and security tools are working reliably to inform your security decisions?

• Unless you have quality data and intelligence to inform your security strategy, you will not get ahead of the threats and behaviors occurring within your business network. CISO dashboards incorporating information technology and security reporting are requirements to identify potentially malicious behavior and prevent identifiable attack patterns from occurring.

Verizon has operationalized the Data Breach Investigation Report (DBIR) to aid organizations in a wide range of industries to get ahead of common attack categories. These validations must be on the top of every CISO/CIO/CTO’s to-do list to implement as part of an updated 2016 security strategy.