How to ensure you have a data-secured environment
By Vishak Raman July 18, 2016
- The major trends affecting organisations’ information security plans
- The best practices for a robust security environment
2014 was perhaps the year of highly-publicised mega breaches, such as the Sony Pictures Entertainment hack.
Sony suffered a major online attack that resulted in employees’ personal data and corporate correspondence being leaked. This was covered widely across global media outlets, including social media.
Earlier this year, IBM and Ponemon Institute released the 2015 Cost of Data Breach Study: Global Analysis report.
According to their research, the average total cost of a data breach for the participating companies increased 23% since 2013 to US$3.79 million. The average cost paid for each lost or stolen record containing sensitive and confidential information increased 6%, jumping from US$145 in 2014 to US$154 in 2015.
The report also highlights that 79% of C-level US and UK executives surveyed say executive level involvement is necessary to achieving an effective incident response to a data breach.
The major trends affecting organisations’ information security plans are:
1) Increased penetration of cloud-based platforms
As more and more applications are moving towards the cloud, visibility and control are key to ensuring a secure environment.
Organisations need policy-based control over access to cloud resources, and integrated security services such as Distributed Denial of Service (DDoS) protection and Web Application Firewall (WAF) will play a major role in protecting the cloud environment.
A single pane of glass to view, monitor and manage cloud resources will help organisations protect their business critical applications and end-users.
The use of phishing emails or exploit kits by hackers is costing organisations a fortune. Cyber Threat Alliance states that the recent CryptoWall v3, one of the most lucrative and broad-reaching ransomware campaigns affecting Internet users today, has cost hundreds of thousands of users worldwide more than US$325 million.
The easiest way out for an individual is to pay the ransom and get their data back.
The use of advanced security tools like security information and event management (SIEM), DDoS protection, data loss prevention tools, etc. and a robust structure for real-time security protection can reduce the threat of ransomware.
3) Known vulnerabilities
The adoption of open-source platforms has levelled the playing field for many organisations. Enterprises today look to integrate off-the-shelf software packages into existing platforms, reducing the cost of developing tools in-house.
In the process, it is easy to miss the risk of existing vulnerabilities being exploited by cybercriminals. HP’s Cyber Risk Report 2015 highlights that 44% of security breaches in 2014 came from two- to four-year-old vulnerabilities.
Regular software patching and skills upgrades are important to avoid common misconfigurations and protect business assets.
4) Internet of Things
The evolution of the Internet of Things (IoT) implies more devices becoming part of the communication ecosystem.
With IDC predicting that 212 billion devices will be connected by 2020, the growing relationship between the IoT and the cloud can potentially multiply the number of endpoints connected to cloud environments exponentially, which may have severe security implications.
The IoT may provide excellent business opportunities, but companies should be mindful about ensuring that access is limited and secure. Sensitive data should be encrypted, access must be restricted, while role-based access must be treated with utmost importance.
The best practices for a robust security environment are:
1) Threats and compliance
Organisations must take a deep dive into which specific threats are on the rise and which concern their business the most.
It is also worth looking into what new compliance rules (depending on the nature of the business) are set to kick in, and accordingly evaluating the need to change the play of products and services.
This assessment can help organisations chalk out the most serious potential risks.
Managed services and cloud environments are being used to deliver applications which work in tandem, with one resource calling the other. This provides flexibility but also provides access points for attacks.
Organisations should build a roadmap to deploy defences at appropriate touch-points, protecting mission-critical applications and improving their application security posture.
3) Event logs and response plan
Event logs provide an ongoing, near real-time view into what happens in the network. They are one of the most important diagnostic tools. Event logs also help measure the overall health of the network and help set up a plan for multiple incidents that might occur in the IT environment.
Organisations should create efficient incident response/recovery plans for the smooth running of their business, and regularly update their security environment.
Here are some key services that can help create a secure environment that not only takes care of existing threats, but also targeted, evolving and unknown threats.
- DDoS protection: A managed service from an established service provider capable of detecting a DDoS attack and removing all malicious traffic before it reaches corporate IT systems;
- Data loss prevention: Hardware and software solutions to constantly monitor data entering or leaving an organisation’s network, and business-critical data stored across all devices. This includes automated alerts to enterprise users to take appropriate actions;
- Malware protection: Protects organisations from known as well as unknown, zero-day threats. The core technology within the service uses advanced file analysis and sandboxing techniques for identifying ‘signature-less’ threats; and
- Security incident and event management: This service provides information on overall security posture by analysing logs from enterprise networks, servers and applications. The enterprise is presented with actionable information that can be used for auditing the network and taking steps to secure the weak areas.
Vishak Raman is vice president of Content Delivery Network (CDN) & Managed Security Services (MSS) at Tata Communications.