IT managers need to possess right assets, right attributes along with right agents of security to visualise risks
The biggest challenge that enterprises face today is to manage security breaches, prevent threats and maintain the highest level of security. The 2012 Data Breach Investigations Report (DBIR), a study conducted by Verizon Risk team, along with Federal Police and US based crime units, indicates that 96 per cent of data breaches or data leakage are realised after seven to eight months after the theft has taken place.
The reason for this, purely, is not visualising the risks much before the data is located in a particular device; if done so, managing the data becomes very easy.
The most critical aspect of any enterprise and important role of any IT manager should be to visualise risks of assets, data, information and so on. Primarily, it is the right model of security that they need to get into, understanding the right assets, have the right attributes, have the right agents of security which can help them in visualising risks and deploy both entry point and operational security frameworks.
Emerging Security Risks
Our DBIR research identified emerging security risks which impact all nations and India as well, as companies are going virtual. The online world and so called social platforms have increased security threats, taking the form of activism, pranks and hacktivism (the trend of hacking and malware penetration). Across geographies, hacking made up 81 per cent of data breaches and 99 percent of data loss. Malware also played a large part in data breaches at 69 per cent and 95 per cent of compromised records.
Besides corporates, government departments have become major targets for hackers. Hactivism encompassed more than data breaches, the theft of corporate and personal information was certainly a core tactic. Personally identifiable information (PII) has become a jackpot for criminals. In 2011, 95 percent of records lost included personal information, compared with only 1 percent in 2010. Findings show that target selection is based more on opportunity than on choice. Most victims fell prey because they were found to possess an exploitable weakness rather than because they were pre-identified for attack. The interesting question about how breaches occur and various forms of breaches would indicate that 81 per cent of the breaches are due to some form of hacking, 69 per cent occur due to incorporated malware, 10 per cent are owing to physical attacks, 7 per cent due to employed social tactics and 5 per cent result from privilege misuse.
Risk Mitigation Efforts
You would notice that Indian enterprises, both large and small are becoming victims of data breaches. Besides visualising the data and its agents, these enterprises have to prescribe security rules. DBIR reports suggested that smaller organisations need to implement a firewall or ACL on remote access services, change default credentials of POS systems and other internet-facing devices and if a third party vendor is handling the two items above, make sure they have actually done them.
With large organisations, the following should be included:
* Eliminate unnecessary data; keep tabs on whats left
* Ensure essential controls are met; regularly check that they remain so
* Monitor and mine event logs
* Evaluate your threat landscape to prioritise your treatment strategy
* An unplanned or unscheduled servicing of the device. Look for presence of scratches, adhesive residue, holes for cameras, or an overlay on keypads.
It is important for IT managers to encourage people to form a security alliance and be a part of the consortium.
Investigative Response, Verizon