Question: What do Target, Home Depot, Neiman Marcus, Michaels, JP Morgan Chase and the IRS have in common?
Answer: They’ve all been victims of data breaches over the past 18 months.
The next question is: How confident are you that your current security strategy is working?
The Cisco 2015 Annual Security Report revealed that less than 50% of respondents (mostly midmarket companies and smaller) use standard tools such as patching and configuration to prevent security breaches. This is especially concerning considering the fact that between January and November 2014 spam traffic increased 250%. No longer a mere nuisance, spam messages often contain malicious advertising (i.e. malvertising), which is a primary conduit for delivering exploitive malware. If you want to reduce your customers’ risks of joining the ranks of the earlier mentioned companies, consider the following data security prerequisites.
3 Must-Have Data Protection Features
The problem with most antivirus software and legacy next-generation firewalls is that they’re designed to defend against known threats. Cybercriminals use this to their advantage by continually evolving their attack strategies and eluding traditional security tools.
In today’s dynamic threat environments, security solutions must possess the following traits:
1. Context-Aware Security
Context-aware security is the use of situational information (e.g. identity, geolocation, device type, time of incident) to improve security decisions. A comparison can be seen in the following retail example. Traditionally, if a store manager wants to access the safe, he or she only needs a key or the combination to the lock. In a contextual awareness scenario, the time of day a person accesses the safe as well as the identity of the person trying to open it are factored into the event (i.e. opening the safe), which helps stakeholders quickly discern the difference between a routine deposit and an attempted robbery.
2. Continuous security protection and retrospective capabilities
One of the traits that makes today’s attacks so difficult to detect is that malware often enters a user’s network disguised as a regular file. Only after it’s been given the green light by the security software does it then morph into malware. An advanced malware protection solution must be able to continually record and analyze files so that it can take action if anything turns malicious. Additionally, once it identifies that a file has changed in nature, it needs to be able to provide a historical view of the file, so security administrators can pinpoint where the file entered the network and under what circumstances.
3. Real-time data threat intelligence
Unlike traditional security software that has to be regularly updated with the latest threat signatures, cloud-based solutions have the advantage of being able to bypass this step, which significantly reduces network vulnerability.
When the above three must-have features are combined, the end user enjoys security protection that continuously (and retrospectively) correlates files, behavior, telemetry data, and activity to provide a viable defense against today’s security threats.
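The retrospective capability described under feature 2 can be sketched as follows. This is an added example, not code from the article or from any vendor product; the class names, event fields, hosts, paths and the placeholder hash are all assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class FileEvent:
    ts: str      # ISO 8601 UTC timestamp (sorts correctly as a string)
    host: str
    sha256: str
    path: str
    source: str  # how the file arrived: "email", "smb-copy", ...

class Trajectory:
    """Keeps every sighting of a file, including ones judged clean at the time."""
    def __init__(self):
        self.events = defaultdict(list)  # sha256 -> [FileEvent]
        self.verdict = {}                # sha256 -> latest disposition

    def record(self, event, disposition="unknown"):
        self.events[event.sha256].append(event)
        self.verdict.setdefault(event.sha256, disposition)

    def update_verdict(self, sha256, disposition):
        """Apply a new verdict; report history only when a file turns malicious."""
        previous = self.verdict.get(sha256, "unknown")
        self.verdict[sha256] = disposition
        if disposition == "malicious" and previous != "malicious":
            return self.retrospect(sha256)
        return None

    def retrospect(self, sha256):
        sightings = sorted(self.events.get(sha256, []), key=lambda e: e.ts)
        if not sightings:
            return None  # verdict changed for a file never seen on this network
        hosts = list(dict.fromkeys(e.host for e in sightings))  # first-seen order
        return {"entry": sightings[0], "hosts": hosts, "sightings": len(sightings)}

# Constructed sample data: placeholder hash, hosts and paths.
H = "a" * 64

def demo():
    t = Trajectory()
    # Events arrive out of order, as they would from several collectors.
    t.record(FileEvent("2015-03-03T08:05:00Z", "fin-desktop-12", H, r"C:\Temp\invoice.pdf", "smb-copy"))
    t.record(FileEvent("2015-03-02T09:14:00Z", "hr-laptop-07", H, r"C:\Users\kim\Downloads\invoice.pdf", "email"), "clean")
    t.record(FileEvent("2015-03-02T11:40:00Z", "fileserver-01", H, r"D:\share\invoice.pdf", "smb-copy"))
    return t, t.update_verdict(H, "malicious")
```

The report's `entry` field is the earliest sighting, which gives the administrator the host and delivery channel where the file first entered, and `hosts` lists every machine that needs follow-up.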
Data threat protection is not just about software, however. To round out the effectiveness of a context-aware, real-time threat intelligence solution, IT solution providers should partner with a network security service provider, which works with organizations to identify network infection sources and areas of vulnerability, in addition to determining whether data compromises may have occurred. In today’s complex security environment, choosing a knowledgeable security partner can go a long way in minimizing the impact of a breach, and identifying methods to reduce future risks.