Resources

Blog

The Data Breaches That Weren't

Minecraft is the latest company to be wrongfully accused of losing control of customer data. The real culprit: users, themselves.
Blog

Enterprise Data Security Breaches: Experts on How Companies Can Protect Themselves From Big Data Breaches

Most businesses today are well aware of the need to have a comprehensive data security strategy to protect themselves, their employees and their customers from various security threats. And fortunately for many small to medium sized businesses, due to their size and simpler business structures, a standard data security plan will be enough to accomplish their data security needs.
Blog

The Art of Stealing Terabytes

How did hackers manage to extract terabytes of data from the network of Sony Pictures without direct, physical access? It may have been easier than you would think.
Blog

Five Devastating Hacks That Predate Sony

Sony Pictures Entertainment is the most recent and, perhaps, the highest-profile victim of what might be considered a “Category 5” hack. But it’s hardly the only company to get digitally pants’d by hackers. Here is a list of some other notable victims and details of how they got hacked.
Blog

Data Breach Experts Share The Most Important Next Step You Should Take After A Data Breach

The majority of successful companies of today are well aware of common data security issues and put a great deal of trust into their own efforts towards preventing a data security breach. However, as demonstrated by recent security breaches of several large, tech-savvy companies such as Target, LivingSocial, Facebook, Gmail, and Twitter, no set of security measures is completely infallible to a breach. What businesses of today have to then consider is: what is your plan of action after a data breach when your security and data loss prevention measures have failed? We set out to get some pro tips from data security experts on what they would consider to be the best practices for after a data breach has already occurred. To do this, we asked 30 data security experts to answer this question: "What's the most important next step you should take following a data breach?" We've collected and compiled their expert advice into this comprehensive guide on what to do after a data breach. See what our experts said below: Meet Our Panel of Data Security Experts: Oleksandr Maidaniuk Jay Botelho Andrew Avenessian Jason Maloni Stephen Ward Robert Ellis Smith Eran Sinai Arnie Bellini Nasir N. Pasha Scott Dujmovich Jibey Asthappan Darren Guccione Andrea Eldridge Reg Harnish Johnny Lee Engin Kirda Michael Fimin Alan Baker Greg Kelley Fred Menge Adam Roth Matt Malone Jason Nielsen Ashish Mohindroo Lee McKnight Anne P. Mitchell Edsard Ravelli Bill Rosenthal J. Wylie Donald Jon Schildt Oleksandr Maidaniuk Oleksandr Maidaniuk is the Head of Quality Assurance Solutions of Ciklum Interactive Solutions with rich experience of dealing with various types of software solutions including client-server enterprise applications, real-time systems and educational desktop software. He has a strong background in such testing methodologies as Agile model and V-model and is especially capable in analysis of business requirements and test planning. His expertise is in applying wide range of software testing methods and test design techniques (static and dynamic: structure-, experience-, specification-based). The key step to manage the data breach if it already took place is... COMMUNICATION: both internal (inform employees and involve everyone able to help, i.e. tech specialist, client service managers, PR & communication team, etc.) and external (direct mailing to the clients, official media release - and, if necessary, also interview to the profile press). Basic rules in this case are: Be open and sincere. Admit if the fault was on company's side and accept responsibility. Provide details. Explain why the situation took place. Mitigate. Make conclusions out of the disaster and describe solutions for affected users. If possible, prepare a special offer for the affected audience. Educate. Explain how to prevent similar issues in the future. Invite to dialogue. Involve your clients, industry experts, analysts, media people and general public to the broader discussion about the source of the problem. Usually, such approach will allow you not only to minimize the negative impact of an IT security accident, but (when implemented correctly) will show your company as the reliable and transparent partner, which is able to operate correctly even during the crisis situation. Jay Botelho @wildpackets Jay Botelho is the Director of Product Management at WildPackets, a leading network analysis solutions provider for networks of all sizes and topologies, and has been with the company for more than nine years. His key areas of expertise include wireless networking, handheld devices, database software and applications, embedded software and network management software. The most important step to take after a data breach is... To understand the root of the issue. Engineers can use forensics to analyze traffic and instantly determine the root cause of an event, entirely removing guesswork and problem reproduction from the equation. Effective forensics provide these four key capabilities: Data Capture: Capture all traffic, 24x7, on even the fastest links Network Recording: Store all packets for post-incident, or forensic analysis Search and Inspection: Enable administrators to comb through archived traffic for anomalies and signs of problems Reporting: Through data capture and analysis, results of investigations are logged and network vulnerabilities are reviewed and analyzed post-mortem. Perhaps most importantly, forensics solutions capture data 24/7 and automatically analyze all data collected in real time, which means all the data you need for analysis is available at a moment's notice. Whether the problem with your mission-critical app is across the room or across the world, forensics gives you immediate access to the most detailed analytics available to get to the root cause of an issue. Andrew Avanessian Andrew Avanessian is the Executive Vice President of Consultancy and Technology of Avecto, a security software company that sees security as an enabler. Nearly half of security leaders believe a major security breach will happen in the future, yet the post-breach plan that IT decision makers have in mind is fundamentally flawed. Why? These plans are reactive when they should be proactive... I recommend spending less time trying to close the door after the horse has bolted and instead move to a proactive security model. While it might seem like a complex and arduous process, it can actually be quite simple. Many organizations fail to meet even the very basic security steps recommended by the SANS 'First Five' or the Australian Department of Defense, which highlight tactics that create a more defense-in-depth approach to security. For instance, while perimeter technologies like firewalls can prevent against certain types of external attack, it cannot block malware that has already found its way onto endpoints within an organization. Organizations should instead create a multi-layered strategy that incorporates solutions like patching, application whitelisting and privilege management, which will help limit the pathways for malware to obtain sensitive data. Implementing these proactive technologies is crucial, but organizations must ensure they do not come at the expense of worker productivity. It's a difficult balance to strike - the Internet ultimately creates a gateway for malware to enter organizations, yet users require constant connectivity to do their jobs. Here is where solutions like sandboxing come into play, isolating Web browser threats behind the scenes, while employees are able to work freely and without compromising the organization.