7/7/2015
01:40 PM
Twitter Chat: How To Prepare For A Cyberattack

Join the GTEC and Dark Reading Twitter chat, "Is It Possible to Prepare for a Cyber Attack?" on Wednesday, July 8 from 2-3pm EST, using the #GTECCHAT hashtag.

There's no way to prevent a cyberattack. That horse left the barn a long time ago, when traditional perimeter security could no longer deter the bad guys who now merely go straight to the weakest link -- the end user.

But there are ways to prepare for a cyberattack. This seemingly fatalistic mindset is actually now considered a healthy and realistic way to look at your organization's risk of getting hacked. An obvious first step, of course, is embracing best practices, such as running updated and (fully) patched software; a layered, defense-in-depth architecture of security tools; and schooling end users on how to avoid falling for phishing or other attack lures. It's about mitigating and minimizing the damage: stopping the bad guys from sneaking out with data, for example.

And security also now encompasses incident response -- in the aftermath of an attack, what to do, who to contact, and how to report a breach publicly. That requires a written plan, tabletop exercises, executive-level buy-in, and more.

Join Dark Reading (@DarkReading) and GTEC (@GTEC) tomorrow, July 8, from 2-3pm EST, when we will drill down on this topic in a Twitter chat, "Is It Possible to Prepare for a Cyber Attack?" Bring any questions, comments, and experiences in the live online discussion. Please use the hashtag #GTECCHAT to participate in the chat.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...
Comments
Whoopty,
User Rank: Ninja
7/8/2015 | 7:25:15 AM
Best practices
Although I agree that for most organisations an eventual attack is inevitable, especially if you reach a certain size, I think the most important lesson is to make sure you are not the lowest hanging fruit. Unless you are being specifically targeted for some reason, chances are hackers are going to go after the easiest organisation of your type.

Just like with a zombie attack - you only really need to outrun your friends - when it comes to hacking the best first step is making sure your security is better than your neighbors. 
Ulf Mattsson,
User Rank: Moderator
7/7/2015 | 4:45:12 PM
Perimeter security can no longer deter the bad guys
I agree that "traditional perimeter security could no longer deter the bad guys," and according to a study by Ponemon Institute, related to the recent spate of high-profile cyber attacks. According to the survey, database security was recommended by 49% of respondents, but the study found that organizations continue to allocate the bulk of their budget (40%) to network security and only 19% to database security. Ponemon concluded that "This is often because organizations have traditionally spent money on network security and so it is earmarked in the budget and requires no further justification."

I agree that we need "a layered, defense-in-depth architecture of security tools," and "stopping the bad guys from sneaking out with data." We know that less than 14% of breaches are detected by internal security tools according to the annual international breach investigations report from Verizon.

I found great advice in a Gartner report, covering enterprise and cloud, analyzed solutions for Data Protection and Data Access Governance and the title of the report is "Market Guide for Data-Centric Audit and Protection." I recently read another interesting Gartner report, "Big Data Needs a Data-Centric Security Focus," concluding, "In order to avoid security chaos, Chief Information Security Officers (CISOs) need to approach big data through a data-centric approach."

We are seeing a number of common issues across recent data breaches, stealing our most sensitive data, and I think it is time to re-think our security approach and be more data-centric.

Ulf Mattsson, CTO Protegrity