Our website makes use of cookies like most of the websites. In order to deliver a personalised, responsive and improved experience, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. These cookies are completely safe and secure and will never contain any sensitive information. By clicking continue here, you give your consent to the use of cookies by our website.

CCI
Friday, 27 May 2016 15:58

Defending the indefensible: ensuring your security strategy adds value

Posted By  Rick Orloff

Rick Orloff, Chief Security Officer at Code42 explains why implementing a multi-layered security strategy can minimise the damage caused by data breaches.

An increase in the number of high-profile data breaches over the last year would suggest heightened demand for security measures. And attacks are not limited to a single type of organisation. You only have to look at the media headlines around breaches in companies such as Vtech, Ashley Madison, and Slack, to realise that organisations of all shapes and sizes are still targets for unlawful actors.

However, perhaps surprisingly, a feeling that suffering a breach at some stage is simply an inevitability could lead to a sense of apathy amongst decision-makers. The C-suite likes to make decisions based on facts and data, and if it suggests that even the best security strategy cannot prevent data loss, then making the business case to implement one in the first place becomes more challenging for security professionals. Arguably, this means that security professionals now have it tougher when it comes to justifying their budget to the C-suite. They need to focus on articulating the strategy and why they believe It’s effective.

In addition, the seemingly ever-increasing number of devices used by employees to undertake tasks ‘on the go’ mean that private company information, once kept relatively safe in the preserve of the data centre, is now scattered across a range of endpoints. Each additional device provides another potential entry point for cyber-criminals or an opportunity for careless usage to result in data loss. So how can CIOs and CISOs explain the return on investment for a comprehensive security strategy in purely financial terms?

The business case for security

The good news is that evidence from studies such as the Verizon 2015 Data Breach Investigations Report help to provide justification for data loss prevention methods – the total number of compromised records drives the total cost of a data breach, because more widespread breaches result in a greater the loss of customer trust. This means that mitigating factors (including data loss prevention measures) effectively reduce total breach cost, by reducing the total number of records lost.

Simply put, each lost record costs the business revenue and breaks customer trust. So, while data loss prevention measures may not eradicate breaches, their value lies in minimising the total number of records lost, and therefore the overall financial damage. Perhaps most importantly, 40 percent of the data loss incidents examined by the Council on Cybersecurity could have been prevented or mitigated by the following ‘quick win’ measures.

Multi-factor authentication

The idea behind multi-factor authentication is that it adds another layer of defense to login processes by requiring at least two independent credentials from the user – a password followed by biometric authorisation for example. These extra layers of defense make it more difficult for hackers to break into accounts, because even if one of the factors is compromised, a barrier to access still remains in place.

Antivirus protection

In times gone by, back when mission-critical data was stored within the confines of the data centre, the traditional antivirus firewall offered a far more effective method of protection. Antivirus (AV) software scans files to detect and remove malicious software, by examining a database of known viruses or identifying suspicious behaviour.

However, the exponential growth of sophisticated malware types means that keeping the database up to date is a key challenge for antivirus providers and users, and has led industry experts to suggest that AV software is only 50% accurate in identifying malware. That said, AV still remains a valuable form of defense when implemented as part of a multi-layered security stack, and in many cases is a requirement for regulatory compliance.

Endpoint backup

Endpoint backup provides complete visibility and control over company data, by continuously and automatically backing up the data stored across a company’s entire range of endpoint devices. This not only provides security professionals with the ability to identify suspicious user behaviour and prevent data loss through malicious activity on their behalf but also guards against one of the biggest security threats out there – ransomware.

Ransomware works by encrypting all of the data on infected devices, and then demanding the payment of a ‘ransom’ to a cyber criminal in order to unscramble the data. For businesses that do not have a backup solution in place, ransomware attacks can result in huge financial losses due to wasted company time and lost assets. However, with an endpoint backup solution in place, all the externally backed up data can be restored within a few minutes, keeping downtime to a minimum.

To conclude, whilst the number of data breaches is increasing to the point where it is inevitable that many companies will fall victim at some stage, implementing a multi-layered security strategy can still minimise the damage that is caused as a result. Also, by partnering with the right security vendors and implementing intelligent solutions which are regularly maintained – a healthy ROI will not be hard to demonstrate.

Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.

IBM skyscraper2

datazen side

Most Read Articles