In recent years, two-factor authentication has rapidly become a standard best practice for securing accounts. One of the most common ways to implement this is through SMS messages sent to a cell phone. For example, if you enable two-factor authentication for a Google account, when you try to log in with your password from a new computer or other device, Google will send a text to your cell phone with a code you’ll need to enter on the login screen to verify that along with having the correct password, you also have physical access to the associated cell phone for the account. That sounds good. But, recently, flaws in the SMS system have been uncovered that render this method of two-factor authentication inadvisable. In fact, the National Institute of Standards and Technology (NIST) will recommend against its use as a two-factor method.
Mistakes in the cybersecurity world have become a lot more expensive, particularly if you suffer a data breach. A new study done by the Ponemon Institute for IBM concluded that security breach costs $4 million per incident in 2016, a 29% increase from 2013. Furthermore, stolen records have climbed in cost as well, with the average loss per record now standing at $158. Stolen healthcare records have also risen dramatically, now $355 per record, up $100 from 2013. Additionally, the study revealed that the average time to identify a breach is now 201 days, and the average time to contain a breach is 70 days. Breaches identified in fewer than 100 days cost companies an average of $3.23 million and breaches found after 100 days cost considerably more, at an average of $4.38 million.
The Verizon 2016 Data Breach Investigations Report details findings pulled from a sampling of more than 100,000 incidents and 2,260 data breaches. The 85-page report is certainly worth a read for anyone interested in information security. For those in a hurry, here are a few of the key points I saw:
With today’s elevated security threat level and related economic impact, it makes sense to do everything you can to secure your organization’s servers, desktops, and devices. How do you keep the bad guys out while securing and enabling day-to-day business? Many companies use SIEM tools for threat detection, compliance, and asset protection. I’d like to suggest a couple of additional layers of security.
An effective security program is a balance of people, process, and technology. When evaluating an IT security monitoring solution, it is important to consider each of these areas in the decision-making process. Your organization also needs to determine which areas should be handled internally and which should be co-managed with a trusted partner. Let’s take a look at each:
The 2015 cyber attacks on SMEs may be in the past, but the damages caused by these hundreds of security breaches have left their digital scars for good. And at the rate that cyber attacks occurred in 2015, we know that 2016 is going to get even worse. What this means for vulnerable SMEs is another year of fending off countless sophisticated cyber attacks and hoping to not become the next data breach in the news. Hackers know that SMEs tend to have weaker defenses than larger organizations, usually due to lack of financial and human resources. They also know that there is a wealth of customer data and intellectual property hiding behind easily penetrable defenses within these SMEs that can be a route to a bigger score (particularly if the SMEs contract with larger companies, who may be harder to penetrate directly). So if big enterprise companies such as Sony Pictures Entertainment, Hilton Hotels, and Anthem Inc. can’t protect themselves, what’s an SME to do in such a volatile world? Below are 3 options for SMEs to pursue to enhance their cybersecurity posture in 2016.
To defend an organization's cybersecurity, it is essential to be able to see the threats. If IT personnel can't detect hackers' efforts, the organization may be caught off guard when an attack hits their servers. But with good security visibility, tech staffs are empowered to protect business assets.
If you are like most IT professionals these days, you are no doubt juggling an increasingly complex security landscape while struggling to stay up-to-date with the latest tools and techniques.
This can add up to an incredible amount of unproductive time. In fact, according to IDC, 35% of organizations spend more than 500 hours a month just reviewing security alerts, and The Ponemon Institute has revealed that some organizations waste a staggering 395 hours per week on average just investigating false positives!
Security information and event management (SIEM) can be an effective solution for repelling and remediating cyber attacks, but if deployed poorly, it can be a waste of money. In a webcast recording from the 2015 SC Magazine SIEM eSymposium, EiQ Product Manager Kevin Landt discusses four ways you're wasting your money on SIEM, the criteria for determining SIEM’s necessity, three considerations for SIEM deployment, and EiQ’s relevant services.
Choosing between solutions for network security monitoring and other cybersecurity measures means evaluating competing products to determine which will provide the best results for an organization. EiQ's Security Monitoring Buyer's Guide offers recommendations for informed decision-making. The guide addresses three areas: technology, people, and process. It also introduces SOCVue, EiQ's security monitoring service, and offers five important reasons why SOCVue is useful to any organization. We've pulled together a summary of the main points:
We’ve been having a lot of conversations recently with banks and financial organizations about not only meeting GLBA and PCI-DSS requirements, but also making sure they are prepared for the FFIEC examinations. On the heels of the release of the FFIEC Cybersecurity Assessment Tool this summer, financial organizations are recognizing shortcomings and gaps with their current security processes and systems and looking for ways to correct the issues within constraints of limited budgets, time, and other resources.