Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:00 PM
Anurag Kahol
Anurag Kahol
Connect Directly
E-Mail vvv

Why Companies Fail to Learn from Peers' Mistakes (and How They Can Change)

Far too often, there's a new breach in the headlines. Companies need to start learning some obvious lessons.

Week after week, data breaches continue to make news headlines. Despite this, companies are reluctant to make the changes to their IT environments and security practices that would help them respond to various threats, making them susceptible to having their data compromised. Even when these security adjustments are relatively simple, such as installing software updates on endpoint devices, some companies still fail to take the necessary steps.

Let's take a look at why companies are reluctant to learn from their peers' mistakes and what they can do to avoid similar fates.

Why Companies Won't Change

· Lack of knowledge and expertise: IT security professionals must continue to develop their skills in order to keep pace with the rapid evolution of technology. One of the biggest challenges for companies is finding qualified individuals who can help them to protect their sensitive data. According to (ISC)² research, the shortage of cybersecurity professionals is now 2.93 million globally. 

· Lack of resources: While companies need to reserve funds for general IT purposes, they must also invest in the proper tools and technologies that can protect them against modern threats. Unfortunately, organizations typically have large sunk costs associated with prior investments into on-premises infrastructure, which can make them more reluctant to spend the extra funds needed to adopt additional, necessary security solutions as they migrate to the cloud.

· Fear of change: Some organizations are set in their ways and might underestimate the need to adopt relevant security tools and practices in the cloud. While on-premises tools and best practices are necessary in the vast majority of organizations, the misguided impression that they extend perfectly to cloud and bring-your-own-device (BYOD) environments can be very costly. The truth is that leveraging the cloud is a fundamentally different way of doing business and requires different security solutions. 

· Illusion of safety: Some organizations have a misguided belief that they are not likely to be a target for hackers and consequently assume that they don't have to worry about cybersecurity. There is a misconception that larger or more widely known organizations represent a more lucrative target and that hackers are more likely to focus on them. However, companies that have inadequate protections are prime targets for hackers, no matter how "under the radar" they may believe themselves to be.

Lessons Learned
Organizations can no longer have a lax cybersecurity posture if they want to defend sensitive data such as their customers' personal information and accounts. Below are seven steps that companies can and must take in order to prevent data breaches: 

  1.  Hire the right talent: Ensure that the IT security professionals you hire have the right knowledge and skills to meet the security needs of your company. Having an IT team that has no experience in protecting data in cloud environments is not prudent because the majority of applications used in the modern enterprise are now cloud-based. 
  2. Stay on top of critical software updates and patches: Far too many breaches are caused by outdated or flawed software for which patches and updates are readily available. 
  3. Perform regular vulnerability assessments: Organizations must be aware of their vulnerabilities and prioritize fixing them ahead of time. For companies that leverage infrastructure-as-a-service platforms, this involves using tools to identify and address misconfigurations in cloud environments that can expose data.
  4. Educate all employees: One of the best tactics companies can leverage to strengthen security is to adopt a "security first" mentality across the entire organization. This needs to stem from the top, with the C-suite emphasizing how everyone in the company is responsible for helping to protect sensitive data, and must encompass regular training on topics such as how to spot phishing emails and how to share data securely. 
  5. Employ best-practice security tools: For all organizations, there are certain tools that are considered essential for adequate cloud security, including data loss prevention, user and entity behavior analytics, searchable encryption, and multifactor authentication (MFA). "Step-up MFA" is also a useful tool — additional authentication is required in real time if suspicious activity occurs.
  6. Be proactive: It's far easier to prevent data breaches than it is to recover from one. Make sure your security policies and practices reflect a proactive approach rather than a reactive one. 
  7. Securely enable new tech: Employees are quick to adopt any technology that boosts their productivity and makes doing their jobs easier; however, this often happens even when their companies have not yet sanctioned the use of said technology. This is particularly true of BYOD environments and cloud applications. Organizations are far safer if they get ahead of the curve and enable these types of technologies responsibly and securely. 

Organizations have witnessed the aftermath of data breaches and the costs associated with failing to keep sensitive data secure. They regularly see their peers face hefty fines, lawsuits, loss of revenue, and damaged reputations. Thinking "this could never happen to my company" is inaccurate and dangerous. Breaches can be the result of misconfigurations, malware attacks, phishing, malicious insiders, and countless other threats — any of these can cause massive damage to companies and their stakeholders. It's time for organizations to heed the warnings in the news and take a more proactive approach to cybersecurity.

Related Content:

Check out The Edge Dark Reading's new section for features, threat data and in-depth perspectives. It's like a Sunday magazine in a daily newspaper with a variety of value-add content. Today's edition features You Gotta Reach ’Em to Teach ’Em.

As Chief Technology Officer of Bitglass, Anurag Kahol expedites technology direction and architecture. Anurag was director of engineering in Juniper Networks' Security Business Unit before co-founding Bitglass. He received a global education, earning an M.S. in computer ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
8/14/2019 | 5:16:19 PM
Go post, but haven't we hard this song before
At the end of the day, it is human nature (oh yeah, I will get to it tomorrow) and pow, another cyber-incident on the news. All it takes it one person to make a mistake, and as humans, we are not built like that (to focus on every aspect and to think of every plausible outcome).

That is why this will continue to be provoked by vulnerabilities and threats until we invoke some sort of sentinel (ML) to address our shortcomings (that sentinel has to advise and be prescriptive in nature - take the information from what it has gathered and do something with it).

Simple as that.

COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
Startup Aims to Map and Track All the IT and Security Things
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can ...
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one....
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and ...
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices f...
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `outpu...