Risk-based security: Applying more sophisticated risk assessment and mitigation tools
Not all data is created equal. Right there is why organisations are newly focused on risk based security where the crown jewels get more rigorous protection than, say, humdrum, ordinary files.
This is crucial because – as headlines about breaches of important data files at large insurers such as Anthem, large retailers such as Target, and even federal government agencies demonstrate – hackers have gotten very good at their jobs. Understand, for them this is a job. It’s no longer about malcontented kids in mom’s basement. Hacking is now the occupation of skilled organised crime rings, even nation state actors.
Assume hackers will get into your system
Yes, create and maintain perimeter defenses – such as firewalls – that are designed to keep them out. Those defenses may hold. But smart organisations nowadays operate on the belief that hackers may already have gotten in. So the key is minimising the damage they can do.
Now think of a jewellery store. The good stuff – the expensive watches and diamonds, and other precious stones – are generally locked in cases at some remove from the front door. That’s just common sense. Don’t make it easy for a criminal to smash, grab and run.
Do likewise with data assets
Put the precious information behind layers of security – perhaps even requiring special log-ins and passwords to access the really important stuff. Examples of critical data: non-public financials, trade secrets, top secret intellectual property (the Coca Cola formula, for instance). Infact, anything that would be stamped “top secret” falls into this bucket that needs higher level safeguards.
Be sure to encrypt the truly valuable information so that if a hacker in fact steals it, he may not be able to access it. This is key: the more important the data, the more protections need to surround it. What would be the risk to the organisation if this data falls into the wrong hands? The bigger those risks, the bigger the risks that hackers are already looking for it, so protect accordingly.
Build in tools to monitor access
Hunt for anomalous – that is atypical – behaviours. For instance, has the CEO just accessed multiple key customer files, at midnight, on a Saturday, though he’s never done this before? Have a system that sounds an alert and even shuts down the CEO’s access. Trust us: the real CEO will know who to call to get back in – a criminal won’t.
Also, it’s wise to use tools to monitor data exfiltration–or data going outside the system. Hackers do not hack just to read, usually they export key files, and smart organisations are increasingly making use of log files that track activity in the network. This detects the presence of hackers who give themselves away through data exfiltration.
Know this fight is never over; hackers don’t give up. Security professionals recount cases where persistent attackers tried for a year – sometimes longer – and kept at it until they got in. Keep a watchful eye on your network and your data, and strive to always be improving. That’s how to stay ahead of hackers.
The post Risk-Based Security: Applying More Sophisticated Risk Assessment and Mitigation Tools appeared first on Ciklum.