Organizations need to protect their infrastructure and be able to respond to threats rapidly should a breach happen. Staying ahead of the threats requires visibility into the system so organizations can manage them properly and ultimately protect against emerging threats.
Innovative and proactive technologies allow organizations to stay a step ahead of the explosion of malicious applications. Consultant for Enterprise Security – Symantec believes that businesses should revitalize their strategies and adopt a well-rounded approach to protect against data breaches in view of the current threat landscape.
The current data breach landscape is characterized by a growing number of threats targeting confidential corporate information. In 2008, 90% of company attacks were driven by organized crime, going after information that will bring financial gains, such as customer databases, credit card credentials, bank account information and intellectual property.
Another common source of data breaches is well-meaning insiders. These are employees who have legitimate access to the corporate network but, through carelessness, expose their companies to risk. Examples include leaving an unencrypted USB thumb drive with sensitive data in a cab or a coffee shop, or an employee who emails sensitive data out from their corporate email to unprotected Web email so they can work on it at home. Data indicates that 67% of security breaches were due to such negligence.
Companies should also not deny the existence of malicious insiders. These are again employees who have legitimate access to the network but deliberately steal the company’s information, either in a moment of anger or with the intention of misusing the information.
In fact, a study by Ponemon Institute this year showed that about 60% of all employees surveyed in the US did not feel it was wrong to take confidential information with them when they left.
From expert observation, cyber-criminals have dedicated teams specializing in stealing confidential information. There are primarily four key stages in the process:
Incursion, where the malware gets into a company through avenues such as spam, the web and unpatched vulnerabilities.
Discovery, where the cyber-criminals look for valuable assets, primarily confidential information, in the company.
Capture, where the cyber-criminals get hold of those valuable assets. Last year alone, 285 million records were stolen compared to 230 million between 2004 and 2007.
Exfiltration, where the cyber-criminals move the assets out of the company.
This is a global phenomenon that targets companies regardless of size, industry and geography. With rapid broadband adoption in Malaysia, it is inevitable that cyber security threats will continue to propagate and that businesses will continue to risk falling victim to data breaches. A security breach is costly to every organization. It can mean the loss of reputation and competitive information, and a breach of compliance with data privacy regulations.
Symantec’s Asia Pacific Japan Internet Security Threat Report XIV revealed that in 2008, Malaysia ranked second in Web-based attacks and third highest in bot-infected computers among Southeast Asian countries. Malaysia was also the third highest country hosting phishing sites in Southeast Asia, with 47% of attackers targeting the financial sector. These statistics are a clear indication that Malaysia is not spared from cyber threats.
IT experts advise companies to take a holistic approach in security strategies to protect their organizations against data breaches. The strategies should focus on four core areas to address the key weaknesses that lead to data breaches: poorly protected infrastructure, poorly protected information, lack of IT policies, and poorly managed systems. Companies should start building their security strategies according to this four-pronged model that addresses those weaknesses.
An information-centric approach is effective in proactively protecting information and interactions. Companies should know where their confidential information is, how the information moves internally, and who has access to it so they can better protect it.
Companies are also advised to develop and enforce IT policies and automate their compliance processes. By managing risks and defining policies that span every location, policies can be enforced through built-in automation and workflow. This not only identifies threats, but also remediates incidents as they occur or anticipates them before they happen. Finally, companies need to manage their endpoints efficiently through standardization, workflow and automation.
There are solutions that help to standardize security and management across physical and virtual platforms and endpoints to ensure that information, infrastructure and processes can be protected completely, managed easily and controlled automatically, regardless of where information is used, stored or communicated.
Symantec provides solutions that address the four important needs to build a well-rounded security approach to protect against data breaches for businesses:
Symantec Protection Suite to protect infrastructure and keep away security threats, from endpoints, email gateways and servers.
Control Compliance Suite to help companies put together the right IT policies, assess how their infrastructure is set up against those policies and report any deficiencies.
Data Loss Prevention Suite to identify and classify sensitive information, find the information and manage it.
Altiris Total Management Suite helps manage endpoints efficiently.
A majority of Asian companies are indeed aware of the importance of data protection and are willing to spend to ensure that they are not compromising on the protection of confidential information. However, there is a need for organizations to adopt a new attitude towards security.
Although security remains a top priority, we found that most companies in Malaysia are still deploying security technologies that focus on protecting the infrastructure. While those are necessary components of a protection strategy, they are not the end all.
Companies should take into consideration vibrant changes in today’s technology, which constantly open new security parameters within the environment of organizations. The growing mobile workforce trend, for example, has introduced the need to protect endpoints, including desktops, laptops and mobile devices.