The Cybersecurity Playbook

By: Tim Young

We know. It’s a big scary world.

According to PricewaterhouseCoopers’ Global State of Information Security Survey 2016, 38% more security incidents were detected in 2015 than in 2014. The theft of intellectual property increased 56% in that same time period, according to the report, which relies on survey responses from more than 10,000 C-suite executives, VPs, and directors of IT and security practices hailing from 127 countries.

At the same time, the survey shows that firms are taking steps to address these threats. Respondents said they boosted their information security budgets by 24% between 2014 and 2015, and report that financial losses decreased 5%. So it would seem that many firms are finding a way to stem the tide; but the seemingly endless deluge of threats requires a level of vigilance that simply wasn’t required in, say, 1995 when the movie Hackers was released.

If you've watched it recently, you know that it's a perfect storm of floppy disks, Angelina Jolie pixie cuts, and third-rate electronica. But behind all that silliness is an image of cybercrime that is downright quaint by today’s standards. Hacking is treated like some kind of magical trickery that can only be accomplished by leather-jacket-clad teenagers, and the fruit hangs oh-so-low because no one seems to know how to protect their assets from these rascally wizards.

But the massive advances in both cyberthreats and cybersecurity have been a mixed blessing.

The scope of the problem

On the negative side, the volume and severity of threats have increased. Security firm Gemalto reported in its 2015 First Half Review that, in the first six months of this year, nearly 246 million records were breached in 888 separate incidents. The top 10 breach incidents alone exposed 82% of the affected records and, in half of the breaches, it is unknown how many records were compromised.

Kaspersky Lab, meanwhile, reported that in Q2 2015 alone, their solutions detected and repelled a total of nearly 380 million malicious attacks from perpetrators located all over the globe. Almost 6 million of those were attempted malware infections designed to steal money by tapping into a user’s online banking portals.

However, those numbers also demonstrate the flip-side of the current cybersecurity landscape. Many of these threats were detected and repelled. We have the tools to resist many of these exploits, and we also understand a crucial truth about cybercrime: the methods may be sophisticated, but the motives rarely are. Attackers want access without working too hard or spending too much to get it. Simple vigilance can go a long way toward repelling the bulk of attacks.

As security maven Eugene Kaspersky told the Boston Globe recently, attacks can’t be stopped, but organizations can make themselves hard targets by increasing their security to a level at which they are difficult, expensive and time-consuming to breach. Or, as he told the Globe, “You want to make the hack more expensive than the possible damage.”

And a good place to start is by covering your bases on nine basic types of intrusion.

In 2014, Verizon headlined its annual Data Breach Investigations Report (DBIR) with the statistic that 92% of the 100,000 incidents they analyzed in the past 10 years fell into nine basic categories. (You can read that 2014 report here.) When they released the 2015 report in April, they revealed that not only did that pattern hold over the last year, it actually increased to 96%. So these patterns are a great place to start.

Top 10 Cybersecurity Threats:

1. Miscellaneous errors

Yep. Not scheming criminals in black hats or Bond-villain-esque autocrats hacking away in faraway data centers. The top cause of incidents in the 2015 DBIR is user error, including misdelivery of sensitive information to the wrong recipients, publishing of non-public data to public servers, and improper disposal of sensitive data. 

These errors accounted for nearly 30% of incidents examined by the DBIR (though only about 8% of confirmed breaches). The good news is that while this is a difficult problem to completely eliminate—mistakes happen when human beings are involved—there are ways to minimize this problem through process enhancements. One tool that comes to mind is data masking, the location and de-identification of sensitive data that can render errors such as these less critical. I wrote more about this a few months ago, but it’s an interesting and growing field, with Informatica, IBM and Oracle leading the way.
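To make "location and de-identification" concrete, here is a small masking pass applied to a record before it is sent or published. It is an added example, not code from this article or from any of the vendors named. The patterns, the key, the sample record and the choice to keep the e-mail domain are all assumptions made for illustration.

```python
import hashlib
import hmac
import re

# Assumption: in practice the key comes from a secrets manager; this one is a placeholder.
MASKING_KEY = b"constructed-demo-key"

SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")  # 13-19 digits, optional separators
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so long order or invoice numbers are not mistaken for cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0


def mask_card(m: re.Match) -> str:
    digits = re.sub(r"\D", "", m.group())
    if not luhn_ok(digits):
        return m.group()  # fails the checksum: leave untouched
    return "*" * (len(digits) - 4) + digits[-4:]


def mask_email(m: re.Match) -> str:
    """Keyed, deterministic pseudonym: the same address always maps to the same
    token (records stay joinable), but it cannot be reversed without the key."""
    local, domain = m.group().split("@", 1)
    token = hmac.new(MASKING_KEY, local.lower().encode(), hashlib.sha256).hexdigest()[:10]
    return f"user-{token}@{domain}"


def mask_text(text: str) -> str:
    """Locate sensitive values and de-identify them before the text leaves."""
    text = SSN_RE.sub(lambda m: "***-**-" + m.group()[-4:], text)
    text = CARD_RE.sub(mask_card, text)
    return EMAIL_RE.sub(mask_email, text)


# Constructed sample: a customer record about to be e-mailed or published.
SAMPLE = ("Customer jane.doe@example.com, SSN 078-05-1120, "
          "card 4111 1111 1111 1111, order 1234567890123456")

if __name__ == "__main__":
    print(mask_text(SAMPLE))
```

If the masked record is then misdelivered, the recipient sees only the last four digits and a keyed token, which is what makes the error less critical.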
