by Amit Ashbel, Security Evangelist at Cognigo
In today’s IT market, no other sector is currently as large or relevant as cybersecurity. From endpoint security and network protection to anti-fraud and malware, there are many critical issues that organizations need to keep top of mind. And while new vendors are emerging to provide new solutions, the reality is that cyberattacks are growing increasingly more powerful and sophisticated each day.
This quote from Verizon’s 2019 Data Breach Investigations report is quite telling: “This year we saw, yet again, that cybercriminals are still finding success with the same tried and tested techniques, and their victims are still making the same mistakes.”
It probably makes sense for the industry to think of a new approach instead of falling victim to the same attacks.
And make no mistake — these attacks will keep occurring as long as cybercriminals are making money. As with most crimes, the end goal of most cybercrime is cash – but in order to get there, hackers first need to get access to personal user data.
Data is the new currency
According to Verizon’s report, there were over 2,200 breaches reported in 2019. That averages out to about six per day, meaning a data breach is taking place approximately once every four hours.
For any company that utilizes personal customer data (i.e. all of them), it is up to management to adequately prepare for a breach, making sure that all steps have been taken to identify their data silos and continuously protect that data.
The report also notes that “the time it takes cybercriminals to compromise a system is often just a matter of minutes – or even seconds. They don’t need much time to extract valuable data – they usually have much more than they need as it typically takes organizations weeks or months to discover a breach.”
Diving deeper into this point, most businesses have vast amounts of unknown data that they’ve collected over the years and stored in various isolated silos. This “dark” data can make up as much as 80% of an organization’s total database and, according to Forrester, 62% of companies don’t even know where it is located.
A few years back, hackers were able to break into Yahoo’s database and access hundreds of millions of accounts. The company said that its information was encrypted using the hashing algorithm MD5, which is not a secure form of protection. Even the most basic penetration testing service would identify MD5 as insecure and call for stronger encryption.
Yahoo probably would have been able to better encrypt their data if they’d had full visibility into where it was and how it was being stored.
With new privacy regulations like the General Data Protection Regulation now in effect and California’s Consumer Privacy Act soon to be made law, organizations can no longer afford to not know where their data is stored. All personally identifiable information needs to be properly maintained and protected regardless of its usage.
If your company has been breached, your first question shouldn’t be “How did this happen?” The more urgent question to answer is “What data was affected?” It’s no longer an option to claim you were “unaware.”
What actions must be taken?
Back in 2014-15, CISOs faced similar visibility challenges when it came to their IT infrastructure, including their cloud computing and IoT networks. The cyber industry was quick to act, coming up with a host of new solutions such as endpoint detection and response (EDR) and cloud access security brokers (CASB). These technologies gave security teams the power to be proactive in their risk management strategy.
Unfortunately, it looks like data security is still a few steps behind cybersecurity. It will require a large amount of effort and resources if companies hope to ever catch up.
Only by being proactive will organizations have a chance of defeating the bad guys and protecting their data and their customer data. One promising technology is artificial intelligence (AI), which has proven very effective in automating the process of risk mitigation and ensuring that security teams are not left scrambling when they uncover a data vulnerability.
About the Author
Amit Ashbel is the Security Evangelist at Cognigo. Amit has been with the security community for two decades and has taken on multiple tasks and responsibilities, including technical positions and senior product lead positions. Amit has experience with a wide range of security solutions, including network, endpoint, fraud detection, and application security. Amit’s familiarity with emerging threats, allows him to address multiple aspects of an organization’s security portfolio while constantly studying how organizations can adapt to the ever-changing landscape. Amit is a well- known speaker at high-profile conferences such as Black Hat, Defcon, Info Security Europe, IDC, OWASP AppSec, and more. Amit can be reached at email@example.com. Come see how Cognigo can help you manage your data at Cognigo.com