dcsimg

Tipping the Data Breach Odds in Your Favor

  • Tipping the Data Breach Odds in Your Favor-

    Advantage

    Once an attacker is inside your network, who has the advantage?

    The answer depends on the defending organization's ability to spot an active data breach. Once inside the network, the attacker is blind. This puts them at an inherent disadvantage. They must explore the network to understand topology, find resources and seek new points of control and begin to create favorable conditions to steal assets. These post-breach activities can be spotted with active breach detection that gives the defender the advantage. Ironically, the phase that should be strongly in favor of the defender is often to the attacker's advantage, if the defender lacks the ability to see real breach activity.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9

Tipping the Data Breach Odds in Your Favor

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
  • Tipping the Data Breach Odds in Your Favor-6

    Advantage

    Once an attacker is inside your network, who has the advantage?

    The answer depends on the defending organization's ability to spot an active data breach. Once inside the network, the attacker is blind. This puts them at an inherent disadvantage. They must explore the network to understand topology, find resources and seek new points of control and begin to create favorable conditions to steal assets. These post-breach activities can be spotted with active breach detection that gives the defender the advantage. Ironically, the phase that should be strongly in favor of the defender is often to the attacker's advantage, if the defender lacks the ability to see real breach activity.

Catastrophic data breaches are becoming the new norm. Each week, new data breaches surface, making it clear that cyber criminals are getting the upper hand in breaking into networks and stealing assets.

Most of the industry now understands that 100 percent effective preventative security is impossible to achieve. Both Gartner and the FBI agree. In his keynote to the 2015 RSA Conference in San Francisco, Amit Yoran, the president of RSA, loudly proclaimed that, "the security industry has failed." He noted that, "Beyond this irrational obsession with perimeters, the security profession follows an equally absurd path to detecting these advanced threats."

A motivated attacker will get into your network. The key is how quickly and accurately you are able to find the active breach. Right now, the industry average is about six months. This is where security has failed. The industry is still trying to use a preventative mindset and tools to highlight a breach. Clearly, finding an active breach requires a different approach.

So what do the odds actually look like for an attacker and a defender before an intrusion and afterwards? Can the odds be changed? The answer may surprise you. In this slideshow, LightCyber takes a closer look at how data breaches happen and what you can do to tip the odds back in your favor.