Big corporations in the US continue to lose critical and confidential information to unknown hackers at a very alarming rate. First, it was the massive and embarrassing data breach at Sony Pictures, and then it was soon followed by the equally damaging breach at Anthem Inc., a major insurer. The insurer lost information on about 80 million customers. Both these companies were simply new trophies for the hackers who had earlier caused equally damaging breaches at Home Depot and Target.
As far as the attack on Sony Pictures is concerned, the investigation is still not complete. It is not fully clear what caused the breach. Speculation ranges from attacks by hackers in North Korea to an inside job. However, this has brought the role of cyber security to center stage.
None of us is surprised that company after company continues to suffer security breaches. Despite major investment in security software and equipment, the next victim is just a few days away.
For Vendors, a Cyber Attack Only Means an Opportunity to Sell Even More Wares
Any time a major cyber attack takes place, it is an opportunity for the cyber security vendors to sell more services, more software and more hardware. Every big company feels that it needs to strengthen its defenses. The result is new purchase orders and some re-jigging of existing software and hardware. But will this solve the problem? I guess not.
More software or hardware tools only make things worse. When there is more to be managed, less is often managed. So adding new tools doesn’t strengthen, and may even weaken, the existing security in place.
After analyzing or seeing the security at some major companies, I think the problem is not the security tools, but the poor implementation of these tools. Most companies that I interacted with already have a plethora of tools, sometimes replicated three times. However, I did not feel any of these companies had impregnable defenses.
Perimeter Defense is Not the Complete Solution
Most IT personnel seem to trust perimeter defense as the complete solution. They believe that if they have a good firewall installed, that is all the security they need. This is only part of the solution. Firewalls can be useful, but they cannot fix the many security vulnerabilities caused by poor internal security practices, poorly designed software, or poorly structured corporate networks.
Here are some remedial steps that can keep your company from becoming the next victim of a security attack.
Regular Security Audits, Vulnerability Analysis and Penetration Testing are a Must
Security audits are typically conducted for the purposes of business-information security, risk management and regulatory compliance. A proper security audit can reveal weaknesses in technologies, processes and other relevant security practices. A regular security audit is a must because it can close the doors that are open because of some bad habits, lack of knowledge or poor IT practices.
There is no standard process for a proper security audit; it relies on the good knowledge of the team performing the audit. Auditors typically conduct personal interviews, vulnerability scans, examination of OS and security-application settings, and network analyses. They may also analyze past event logs, backup practices, etc.
Automated penetration testing of systems and networks is also very important. It can identify network vulnerabilities that can be exploited by hackers. A good penetration test evaluates the vulnerabilities of networks, applications, endpoints and users to external or internal attempts to gain unauthorized access to protected assets.
Add Multiple Layers of Security
The threat to every company’s data is real. Companies need to design their security environment in layers, installing and maintaining defensive security mechanisms such as user access controls, cryptography, IPS, IDS and firewalls.
Training of Employees and Proper Security Processes are Essential
Everyone knows that they need to train all their employees in good IT security practices. But few do. Even the strongest password can get compromised if employees use the same password at the company for both business and personal purposes.
Impact of Corporate Security Management Structure
There are two models of security implementation in a large company: central control and distributed control.
When you have a decentralized structure, changes or practices in one division may not necessarily carry over to other divisions. Hence, one division may be very secure while another division may leave an open door to the corporate network.
The solution is to create a proper structure to divide, control and monitor the security of the corporate entities as one unified unit.
Here are 10 essential steps to avoid a data security breach in your corporation:
- Institute regular security audits, vulnerability assessments and penetration testing.
- Deploy proper security processes and train employees to follow them.
- Add multilayer infrastructure security.
- Ensure encryption of data and enforce it.
- Allow only safe software installation on the corporate networks.
- Apply vendor patches in a timely manner.
- Employ insider behavior monitoring.
- Have a formal disaster recovery plan in place.
- Develop a formal incident response management plan.
- Ensure syncing of divisional security practices.
If you follow the above steps, your chances of suffering a Sony-like data breach in your company will surely be minimized.