Application Security //

Database Security

4/21/2016
11:55 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
100%
0%

Databases Remain Soft Underbelly Of Cybersecurity

Most enterprises still don't continuously monitor database activity.

Despite the fact that databases still hold some of the most valuable data targeted by cyberthieves, the typical organization today lacks visibility into who is accessing their structured data stores and when.

According to a new survey out by Osterman Research of some 200 enterprises, most organizations still don't assess database activity continuously and lack the capability to identify database breaches in a timely fashion. The study, commissioned by DB Networks, found the top three database security issues among enterprises were tracking compromised credentials; the potential for the organization to experience a major data breach; and the inability of the organization to identify data breaches until it was too late to mitigate damage.

At the most basic level, 59% of organizations admit they lack a high degree of certainty about which applications, users, and clients are accessing their databases. And 43% of organizations don't even have a high degree of certainty about the number and types of database residing in their IT infrastructure.

Only one in five organizations currently conduct database activity monitoring continuously and 38% of organizations don't even have the mechanisms or controls in place to do so. A little more than half of respondents say they conduct database activity assessments infrequently--only once per quarter or less often. In fact, many security organizations lack any kind of accountability for database security whatsoever. The survey showed that 47% of respondents don't have an assigned team or individual to oversee the security of their databases.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

"Organizations need to conduct a thorough audit to understand where all of their data is located, who has access to this data, the specific legal and regulatory obligations to which this data is subject, the identity of the data stakeholders, and other relevant information," wrote Osterman. "This is essential in order to build a map of sorts that will help decision makers understand the security risks they face and how to prioritize their resources in closing the security gaps that exist."

This lack of visibility and control over database and data governance is making it difficult for enterprises to track down data breaches before they do real damage. According to the survey, it takes 44% of organizations a week or longer to discover a data breach using abused or compromised credentials to access databases. And 15% say they have no idea how long it would take to detect such a breach.

"If organizations cannot identify a successful security compromise, decision makers may never know that a particular event took place until it’s too late," the report explained. "As a result, while decision makers have correctly acknowledged the security compromises of which they are aware, those about which they are not aware pose a more significant problem."

Related Content:

 

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Why the CISSP Remains Relevant to Cybersecurity After 28 Years
Steven Paul Romero, SANS Instructor and Sr. SCADA Network Engineer, Chevron,  11/6/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19220
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI.
CVE-2018-19221
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.
CVE-2018-19222
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.
CVE-2018-19223
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI.
CVE-2018-19224
PUBLISHED: 2018-11-12
An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.