Reduce Data Breach Damage by Improving Detection and Response

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Reduce Data Breach Damage by Improving Detection and Response-6 Next

Restoration

The restoration phase only occurs on systems known to have been touched by the attackers; if the containment phase is incomplete, hackers can easily stay within a network. Containment and restoration become a continuous and protracted process. Just when the team is about to declare victory, it receives information that additional systems need to be remediated, continuously siphoning off security team resources.

Tip: Unless an organization has full confidence that the containment stage has been successful, they should call for backup during the restoration stage. Many security teams bring in outside solutions or research teams to help bring machines and credentials back to life.

Why should business leaders care how much time it takes to detect a breach? It's a common misconception that a breach is a breach – whether you spot it on day one or weeks later. In actuality, the time it takes to detect a breach directly correlates to the damage done and the cost to your organization. In June 2015, the Ponemon Institute released its annual cost of a data breach study and for the first time pointed out the direct relationship between the time it takes to detect a breach and the cost of the data breach itself.

When it comes to the damage done, look no further than the Office of Personnel Management (OPM) data breach as an example. The breach, which wasn't discovered for more than a year, led to waves of identity theft and numerous counts of identity switching by hackers, making them harder to find once the breach was discovered.

According to Exabeam, as an industry, our focus needs to shift from prevention to detection and response acceleration; there is no band-aid solution for keeping hackers out. The new age of security technology will focus on solutions that speed up, automate and ideally combine phases of the typical security process. By learning how hackers manipulate networks throughout phases of a breach, organizations can make the shift to a better security process.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.