It’s been a rough couple of weeks for Anthem as they remain in a constant loop of bad news. Clearly this will continue to stay newsworthy as the investigation deepens and the fall out continues. As we talked about last time, the data the hackers stole includes names, birthdays, Social Security numbers, street and email addresses, and medical IDs. Also included in the data leak is employment information and income. And as the headlines suggest, the cost of the data breach is likely to exceed $100 million.
But aside from those disturbing facts, what we found most concerning surrounds the reports that the attackers may have first gained a foothold in April 2014, a full NINE months before the company says it discovered the intrusion. How can that be? NINE months? Where was the breakdown? Well, it may take months for the investigation to resolve, but we think that one thing is clear: there is a ridiculous gap between the time it takes for a hacker to compromise a target and the length of time that typically passes before the victim figures out they’ve been had.
Take for example this very telling statistic included in Verizon’s 2014 Data Breach Investigations Report which graphically shows the difference between the “time to compromise” and the “time to discovery.” The bottom-line here is that the gap is not improving, but instead is widening.
With that in mind, what should companies do? How can critical IT assets can be protected and compliance requirements be met? The answer is Security Control Monitoring so that companies can proactively detect and address security control gaps to lower information security risk. This is the value of SecureVue’s ThreatVue® add-on module which helps improve security posture by continuously auditing the network against critical security controls like those recommended by SANS.