Thinking Outside the Checklist with Computer Network Security
Not long ago, CIA Director Leon Panetta spoke at the DC Cyber Conference on the growing threat of a potential ‘Cyber Pearl Harbor’, explaining that cyber-attacks and malicious computer activity “represent the battleground for the future.”
The lack of internal computer network security (and security in general) within most IT organizations is alarming. Obviously, maintaining proper network security controls helps defend your organization against data breaches, compliance problems, and lawsuits, but just as important is your ability to enforce your own HR policies.
According to industry analyst Enterprise Strategy Group, nearly one-third of organizations have experienced a data breach within the last 12 months. Another 10 percent of the computer network security professionals surveyed responded that they “don’t know” if they’ve experienced a data breach in the last 12 months. More alarmingly, 30 percent of survey respondents say that their organizations’ data breaches resulted in a “direct loss of revenue.”
According to PricewaterhouseCoopers’s “Trends in Proprietary Information Loss” report, Fortune 1,000 corporations experienced proprietary information and intellectual property (IP) losses of between $50 and $60 billion annually. This outranks the losses caused by viruses, worms, and spyware ($8.4 million) and system penetration by outsiders (only $6.9 million). And about a quarter of the companies surveyed said the majority of their losses were due to insiders.
Crooks focus on computer network security weaknesses, not data… The largest identified threat to date (the TJX breach) came from attackers focusing on weaknesses in the company’s wireless network. And, if you can believe it, the attack came after the organization had certified its compliance with the Payment Card Industry (PCI). That’s why we recommend also focusing on actual threats, rather than on an audit checklist.
In the real world, attackers often progress in a stepwise fashion, with each step bringing them closer to the goal. Phishing attacks and exploited Web sites may propagate malware that is used to steal credentials, which are then exploited for access to sensitive information. Users often use similar user names and passwords for multiple accounts, both personal and work related. If criminals can break into one account, they may have access to many others.
In fact, one of the top five computer network security trends identified in 2010 is an increase in password theft/grabbing attacks, driven by increasing attacks on social networks, where less technically savvy groups are susceptible. Cyber criminals understand that credentials for one application, like an email account, will also apply to other applications, such as the user’s corporate email or intranet account.
The message is clear: you need visibility and control. These are at the heart of information governance. We provide these tools and solutions for many organizations. Threats to sensitive information on which the business directly depends have become pervasive and widespread, and the stakes are higher than ever before. This places a substantial premium on the ability to recognize threats and correlate threat behavior.
What trends have you seen in computer network security or data threats of late? More importantly, what steps have you taken – or plan to take – to protect your organization?