www.cognigo.com

Proactive vs Reactive Security

Amit Ashbel
Published in Cognigo
Oct 2, 2018

Cyber Security may well be one of the largest Information Technology markets today, ranging all the way from network protection through the endpoint, the application’s code, Secure Web Gateways, Anti Tampering, Anti Malware, Anti Fraud, Anti Phishing, and the list goes on and on.

Vendors deliver products, solutions, services and what not.

Information Security businesses are booming but the attacks are still stronger than the defense.

“This year we saw, yet again, that cybercriminals are still finding success with the same tried and tested techniques, and their victims are still making the same mistakes”
Verizon’s 2018 Data Breach Investigations report

One should probably stop and think for a second. Maybe a different approach makes more sense?

[Image from Verizon’s 2018 Data Breach Investigations report]

The end goal of most attacks is cash (see above image). But in order to get to the cash, attackers first need to get their hands on personal data.

Data is the new Currency.

According to Verizon’s 2018 Data Breach Investigations report, more than 2200 data breaches were reported during the past 12 months. That is more than 6 data breaches a day, which means that, on average, every four hours there is a data breach in progress somewhere.

If an organization uses and stores any personal data, it is management’s responsibility to prepare for when the inevitable breach occurs and ensure the organization has taken proper steps to identify all data silos and ensure private data is protected continuously everywhere.

The time it takes cybercriminals to compromise a system is often just a matter of minutes — or even seconds. They don’t need much time to extract valuable data — they usually have much more than they need as it typically takes organizations weeks or months to discover a breach.

Verizon’s 2018 Data Breach Investigations report

Let’s talk about this challenge a bit further. While there is data that we make use of on a daily basis, there is also a huge amount of dark data which has been collected over the years and stored in all kinds of different silos, isolated from each other. In some cases the known vs. the unknown data is around 20% vs. 80%, and according to Forrester, more than 62% of organizations don’t know where their data is.

A while ago, Yahoo reported a breach that exposed millions of credentials. It turns out that the data was hashed with MD5. It is a well-known fact that MD5 is no longer acceptable. Every basic penetration testing service would automatically flag MD5 as not secure enough and demand a stronger hashing algorithm.

My guess is that Yahoo would have properly encrypted the data if they just knew where and how it is stored.

With data privacy regulations like the GDPR fully in effect and the California Privacy Act soon to be, it has become apparent that not knowing is no longer an option. PII data has to be very carefully maintained and protected, no matter whether it is used or unused, stored locally or in the cloud, in production or backed up.

It’s no longer a question of “how did we get breached”. The more urgent question is “what data did the breach impact?”

Not knowing is no longer an excuse.

What can be done?

A few years ago, CISOs were facing the same lack-of-visibility problem with their IT infrastructure, cloud services, and IoT devices. The industry reacted with a new breed of solutions, such as CASBs and EDRs, that gave security teams a new kind of visibility, allowing them not only to respond to risks but also to take a proactive approach and remediate them.

Proactivity only starts when there is visibility. For instance, EDR can tell the “full” story behind a piece of malware or a malicious actor, and can instantly assess which devices are at risk.

While we saw a massive development in cyber-security, data security is still stuck in the past and requires high investment in manual administration.

Cognigo pioneers a proactive approach to protecting our data. With new, unprecedented AI-driven visibility to data, we allow security teams not only to react to data vulnerabilities but to automate the risk mitigation process — at the source.

Our proactive approach doesn’t require manual administration and provides complete data governance everywhere. Through Cognitive Computing, we answer the critical questions in real time, from locating data at risk and data attribution to fully automated data forensics and regulation enforcement.
