Sony Data Breach: Implications and Actions to Take
This most recent breach is yet another example of the increasingly sophisticated attacks being perpetrated against the world’s strongest and most trusted companies. It demonstrates the “New Normal,” in which cyber threats and attack vectors are evolving at a much faster pace than security is able to evolve. There are many reasons for this:
1. Cybercrime is a well-organized and highly profitable business.
2. Politically motivated attacks have vast resources in terms of people and funding. These attackers believe they are perpetrating acts of patriotism.
3. Businesses demand that data be accessible everywhere to staff, customers, partners and more.
4. There is a frightening paradigm right now in which it actually costs MORE to protect an organization against a cybercrime than it does to perpetrate one. (Source: “Geekonomics” by David Rice, Amazon, http://www.amazon.com/Geekonomics-Real-Cost-Insecure-Software/dp/0321735978/ref=sr_1_1?ie=UTF8&qid=1303989847&sr=8-1)
Organizations with the best security technology and process can still be vulnerable to these new attacks. How can we, as IT executives, best prepare our organizations to respond to an attack?
Michael Gabriel of Integralis says, “Given the rapid evolution of threats and attacks, coupled with the increased data footprint and limited understanding of data flow within an organization, it is not surprising that successful attacks are on the rise. Organizations must be on high alert all the time. Preventative measures such as reducing your sensitive data footprint and properly deploying DLP technology or optimizing a DLP solution that’s already in place are great steps to take. However, it’s not enough to think just in terms of prevention. As IT executives facing a scary New Normal, we must prepare ourselves and our organizations to effectively respond to an attack against our own organization.”
Below are a few helpful best practices to get you started:
1. Make sure your internal Incident Response process is adequate to the task of:
– Isolating and eradicating the attack
– Recovering from the attack
– Providing distinct communication channels between the incident handlers and incident managers
2. Execute a pre-defined Data Breach Response process to:
– Accurately identify ALL external parties affected by the data breach
– Process pre-defined data breach response options, including whether to offer credit monitoring services
– Obtain affected individuals’ addresses and provide timely notification
– Develop a Data Breach FAQ and train call center representatives to handle data breach-related calls
– Provide post-data breach customer support
3. Remember that timely data breach notification and good post-breach customer support are the key to retaining customers and protecting brand reputation.
Courtesy of Integralis*