Attacks/Breaches

7/7/2015
01:40 PM
Connect Directly
Google+
Twitter
RSS
E-Mail vvv
50%
50%

Twitter Chat: How To Prepare For A Cyberattack

Join the GTEC and Dark Reading Twitter chat, "Is It Possible to Prepare for a Cyber Attack?" on Wednesday, July 8 from 2-3pm EST, using the #GTECCHAT hashtag.

There's no way prevent a cyberattack. That horse left the barn a long time ago, when traditional perimeter security could no longer deter the bad guys who now merely go straight to the weakest link -- the end user.

But there are ways to prepare for a cyberattack. This seemingly fatalistic mindset is actually now considered a healthy and realistic way to look at your organization's risk of getting hacked. An obvious first step, of course, is embracing best practices, such as running updated and (fully) patched software; a layered, defense-in-depth architecture of security tools; and schooling end users on how to avoid falling for phishing or other attack lures. It's about mitigating and minimizing the damage: stopping the bad guys from sneaking out with data, for example.

And security also now encompasses incident response -- in the aftermath of an attack, what to do, who to contact, and how to report a breach publicly. That requires a written plan, tabletop exercises, executive-level buy-in, and more.

Join Dark Reading (@DarkReading) and GTEC (@GTEC) tomorrow, July 8, from 2-3pm EST, when we will drill down on this topic in a Twitter chat, "Is It Possible to Prepare for a Cyber Attack?" Bring any questions, comments, and experiences in the live online discussion. Please use the hashtag #GTECCHAT to participate in the chat.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
7/8/2015 | 7:25:15 AM
Best practices
Although I agree that for most organisations an eventual attack is inevitable, especially if you reach a certain size, I think the most important lesson is to make sure you are not the lowest hanging fruit. Unless you are being specifically targeted for some reason, chances are hackers are going to go after the easiest organisation of your type.

Just like with a zombie attack - you only really need to outrun your friends - when it comes to hacking the best first step is making sure your security is better than your neighbors. 
Ulf Mattsson
50%
50%
Ulf Mattsson,
User Rank: Moderator
7/7/2015 | 4:45:12 PM
Perimeter security can no longer deter the bad guys
I agree that "traditional perimeter security could no longer deter the bad guys," and according to a study by Ponemon Institute, related to the recent spate of high-profile cyber attacks. According to the survey database security was recommended by 49% of respondents, but the study found that organizations continue to allocate the bulk of their budget (40%) to network security and only 19% to database security. Ponemon concluded that "This is often because organizations have traditionally spent money on network security and so it is earmarked in the budget and requires no further justification."

I agree that we need "a layered, defense-in-depth architecture of security tools," and "stopping the bad guys from sneaking out with data." We know that less than 14% of breaches are detected by internal security tools according to the annual international breach investigations report from Verizon.

I found great advice in a Gartner report, covering enterprise and cloud, analyzed solutions for Data Protection and Data Access Governance and the title of the report is "Market Guide for Data–Centric Audit and Protection." I recently read another interesting Gartner report, "Big Data Needs a Data-Centric Security Focus," concluding," In order to avoid security chaos, Chief Information Security Officers (CISOs) need to approach big data through a data-centric approach.

We are seeing a number of common issues across recent data breaches, stealing our most sensitive data, and I think it is time to re-think our security approach and be more data-centric.

Ulf Mattsson, CTO Protegrity
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Mueller Probe Yields Hacking Indictments for 12 Russian Military Officers
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/13/2018
10 Ways to Protect Protocols That Aren't DNS
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/16/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-10727
PUBLISHED: 2018-07-20
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive ...
CVE-2018-8018
PUBLISHED: 2018-07-20
Apache Ignite 2.5 and earlier serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a spe...
CVE-2018-14415
PUBLISHED: 2018-07-20
An issue was discovered in idreamsoft iCMS before 7.0.10. XSS exists via the fourth and fifth input elements on the admincp.php?app=prop&do=add screen.
CVE-2018-14418
PUBLISHED: 2018-07-20
In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI.
CVE-2018-14419
PUBLISHED: 2018-07-20
MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page.