2014: The Year of The Breach
January 9, 2015
Many are considering 2014 to be the year of the breach.
We saw targeted attacks against large corporations, infrastructures and government systems.
The FBI reported that organizations believing they have never been attacked likely already have, and highlighted the power of malware, capable of remaining dormant in systems for many months exfiltrating critical data. We have seen significant increases in the level of SSL traffic and the demand for 10 GB network infrastructures across a variety of verticals. In December, Bloomberg highlighted the year’s most prominent breaches, identifying that over 450 million records, including customer and employee details, email addresses and credit card numbers, were stolen from organizations the likes of Sony, Home Depot and eBay.
Herjavec Group does not believe in preparing out of fear. We have, however, publicly stated that we are facing a new cold war and we have a responsibility to you, our customers, to take a proactive stance as your trusted advisor in security. As you get back into the swing of things this New Year, we trust you will reflect on your security practices. How are you mitigating risks? Have you had the pivotal conversations with key decision makers to ensure you are ready in the event a vulnerability is brought to light?
Check in with your team as well as your Herjavec Group contacts and ask yourselves key questions about your ability to mitigate existing vulnerabilities and take action in the event of a breach:
What happens when you hit the panic button?
- Will it work? How quickly? What are your established countermeasures? Blackholes? Shadow-network? Honeypots?
- Are you still too busy (or scared of results) to run a Disaster Recovery simulation?
- Who do you call from PR and external communication if something goes wrong?
- How will executive communication work?
- Who are the white hats to bring your network back?
How much risk are you taking to run tech ops?
- What are your layers of security controls?
- Are all systems protected equally?
Where and what is your sensitive data?
- When you are notified that you've been compromised and provided IP addresses/host names, will you be able to discern what data was lost?
- You cannot protect what you do not know, or are not aware of… Where is your sensitive data? What database, what host?
- Is this the year you'll finally finish your data and asset classification projects?
- Do your SOC Alerts/SEV levels tie back to classification information?
- What about Backup and Recovery plans? Are they based on this information?
We recommend working through this list of questions and ensuring you have an action framework in place. We are here to help so please leverage Herjavec Group as you’re preparing your action plan.
We wish you and yours good health, success and prosperity in 2015.
To your success,