How Companies Can Better Protect Against Cyber Attacks

07/15/2015  |  By: Thomas Lewis, CISSP, CISA, QSA, Shareholder, Information Security


Hacker attacks against large companies were up 40 percent in 2014 over the prior year — with five out of six large companies a target according to an Internet Security Threat report. In particular, health care companies were a major focus of hackers, with 37 percent of breaches in that sector, compared with 11 percent in retail and 10 percent in education.

Does the rise in cyber attacks indicate a trend? Unfortunately, the answer is yes. The reason is quite simple: stealing data is a very profitable business with relatively low risk of prosecution.

Any organization with valuable data is vulnerable to an attack, but the level to which they are at risk depends on the type of data they hold. Organizations that host large amounts of personal data, like healthcare companies, or companies with valuable research and development, remain at the top of the list.

In one intellectual property espionage case last summer, charges were brought against a Chinese businessman, Stephen Su, aka Su Bin, for conspiracy to obtain unauthorized access to the computer systems of Boeing and other US companies, in an attempt to steal data related to dozens of US military projects.

Su was the owner and manager of Beijing Lode Technology Company, Ltd., a cable harness equipment company that serves the aviation and space market, including Boeing. The criminal complaint accuses Su Bin of passing illegally obtained US military technical data to state-owned entities within China. 

Tactics to Secure Data Better

This case underscores the need for companies in high-value industries like aerospace and healthcare to conduct exhaustive due diligence investigations on all of their vendors. Restricting network access by implementing least privilege rules is also recommended to limit breaches. (The principle of least privilege, or POLP, is the practice of limiting access to the lowest level of user rights that will allow normal functioning.)

It's also key for organizations to be very well acquainted with their threat landscape and the value of the data they hold. If necessary, this could be tasked to an outside security risk consultant to conduct a deep dive into the threat landscape. That consultant would characterize the value of all the data an organization holds, identify the risk of being compromised and assess how large a target an organization might be for criminals overall.

Companies should take that threat assessment and make decisions accordingly, using prioritization as a guide to put the proper controls in place to make sure data is properly protected and the most at-risk data is more heavily guarded. Doing this risk assessment is a critical part of slowing the growth of cyber attacks.

A company's inherent risk can change over time, for example as hackers change the focus of their targeting, or as a company takes on work from a high-profile client or changes business practices in ways that include gathering more personal information. That is why it's important that organizations continually reassess this landscape, make the necessary changes and then reassess again. It may be a laborious process, but it's critical to make sure your organization's data is as secure as it needs to be at all times. Remember that 100% security is something no organization can afford, and most of us would say it is not even possible.

We recommend that organizations also use a continuous monitoring technology solution to keep a step ahead of hackers. For example, managed intrusion prevention systems or intrusion detection systems leverage automation to protect your network: when they see a threat, they record it and then block every device on the network from it.

Hackers, like businesses, may use a cost-benefit framework when choosing targets. Information that is easier to steal is more attractive: it takes less effort and carries less risk of being caught. If organizations put up significant resistance, hackers are more likely to move on to an easier target, or at the least that resistance gains you more time to properly detect and respond.

It's important that companies continually reassess their threat landscape, make the necessary changes and then reassess again. It may seem like a laborious process, but it's a necessary one to make sure your organization's data is secure at all times.

Check out our free guide, Breach: Network Security Best Practices for Prevention, Detection, and Response, for more information on ensuring the safest network security for your firm.
