Last month it was AdylKuzz. Last week was Peyta/NotPeyta. How will next month's malware evolve? With each season, organizations can expect a new strain of malware to be discovered. Though there can be specific areas of focus for malware within an industry, the goal is always the same; access data, obtain data, and then make money.
Unlike breached data of previous hacks which focused on stolen data about individuals, current malware and ransomware may be taking a different route. The virtual assets of businesses appear to be the targeted focus. This does not imply that individuals will no longer be as targeted or that protections and concerns should be eliminated or diminished for individuals. At the time of this writing, Avanti Markets was the latest to be hacked, putting customer credit card accounts in jeopardy, however, speculations have been reported that biometric data could be contained within the breached data.
In a recent post from Bart Mroz, he points out what he calls "one of the most sobering statistics" regarding a data breach, and the statistic has nothing to do with costs. Discussing the 2016 Ponemon research, Mroz reports that it takes 6 months to detect a security incident.
Currently, Ponemon's 2017 research shows the average time it takes to detect a security incident has in fact decreased from last year's data by 6 days. However, the decrease to 191 days, a 6-month average to detect a security incident, is a sobering thought. Containing the same security incident averages approximately 2 months time.The costs accumulated during this time can range per record, but ultimately costs are on the decline globally. Ponemon notes a 10 percent drop in breach costs during the past year. Though this is promising, an exception to the drop in costs is within the US, where cost has increased by approximately 5 percent.
Why Real-Time Detection Matters
Responding to incidents is not possible if an organization's networks do not have the correct policies, procedures, and even the right tools to monitor assets on a regular basis.
Though Benjamin Franklin's quote, "An Ounce of Prevention Is Worth a Pound of Cure" was aimed at fire safety in the 1700s, the same concept cannot be more applicable to information security.
Compliance May Not Equal Security
- Detecting changes in files associated with applications, databases, routers, servers, and other devices in your IT infrastructure
- Capturing the details of each change
- Interpreting the details and identifying if the change is a security risk or not
- Alerting you of the changes and immediately remediating issues caused by an improper change
Configuration files, directory permissions, and executables should be monitored in real-time. Additionally, real-time detection and remediation can be the difference between a security incident and loss of protected information, which can turn into a costly breach.
Learn how to protect yourself against potential security incidents. See how CimTrak can keep your systems secure and identify changes throughout the enterprise.
July 12, 2017