Over the past year, there have been a number of disturbing developments with regards to data breaches. Not only have data breaches become more frequent, but their impact has become greater — not just in the sheer volume of information or assets stolen, but in the very nature of what hackers are targeting. The extremely sensitive data lost in the White House and Office of Personnel Management breaches are prime examples. Unfortunately, given the successful breaches of high-value targets in 2015, we can be sure that 2016 will only get worse.
With this horrifying direction and the gravity of what's at stake, it would be a fair expectation that most enterprises should be seriously looking at how their security needs to change. Obviously, traditional security is of little value when it comes to stopping a data breach. Intruders can easily elude preventative security — generally by compromising a single user device or account — and furtively conduct their business inside a network for months before being discovered.
A big part of the problem is that security organizations are still focused on preventative security — looking for a silver bullet that will keep an attacker out of their networks in the first place. Despite a Gartner recommendation that organizations shift security efforts toward the detection of network intruders and the emergence of promising new behavioral analytic tools and security strategies, well under 1 percent of enterprises have the ability to find a post-intrusion network attacker. Cyber criminals continue to have the potential for unimpeded, long-term success.
So how will attacks change in 2016? In this slideshow, David Thompson, Sr. Director of Product Management, LightCyber, has identified data breach trends we can expect to see in 2016.
Whaling is a type of spearphishing targeting "big fish" in an organization with access to sensitive, highly-valuable information. ... More >>
Five common failures companies make when preparing for, and responding to, a data breach, as well as guidance for companies on how they can tackle these issues. ... More >>
Incorporating security capabilities such as encryption, better control and management and a data security framework will help alleviate the burden breaches place on the organization and people's lives. ... More >>