Updated 6:02 pm E.S.T. We hosted yet another lively and informative discussion on one of the hottest trending topics: corporate data breaches. Our guest experts and participants brought the conversation to a new level with incredible insights demonstrating their authority on the matter. Data breaches: are they inevitable for every company? If you think so, scroll down to get a glimpse at the kinds of advice our experts give in the face of a breach, and how to prevent another one. Make sure to join in our upcoming Twitter chat on June 25, 12-1 pm E.S.T!
After hearing about some major retail brands that have lost customers’ credit card data to hackers, the reality of how commonplace data breaches really are is hitting home not only for IT administrators, but for the average person. Our discussion looks not only at how to prevent a data breach from ever occurring, but at what to do when one does happen to mitigate the harm to your organization. After all, as most security experts will tell you, it’s not a matter of if you suffer a data breach but when.
Have you been impacted by a data breach or have an opinion on it? Join us on May 28, 12-1 PM EST to discuss the prevention of and response to data breaches, at the hashtag #ITWCchats. We’ll be joined by the following guest experts:
Claudiu Popa is a security and privacy advisor to Canadian enterprises, associations and agencies. He is an author, speaker and lecturer. Follow Claudiu @datarisk.
Mike Ball has survived various roles in the IT field for the past 25+ years, from hardware developer with the National Research Council, through network administrator and teaching computer science, to network architect and CISO of a prominent insurance company. Follow Mike @Unix_Guru.
If this is your first time taking part in a Twitter chat, check out this video on how to join a Twitter chat.
Check out the questions below for a sneak peek at what to expect in the chat:
Q1 What kinds of cyber security attacks are most common on an organizational level? What big data breach examples come to mind? #ITWCchats
@itworldca A1: You're always going to have more automated, non-targeted attacks account for the largest number of detected attacks #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
A1. Attacks via viruses, data theft, malware, DDoS attacks and phishing. Sony & Target come to mind. #ITWCchats
http://t.co/ThLyZVyknj
— Wolston Lobo (@WolstonL) May 28, 2015
A1 Privilege Escalation is still a leading enabler of today’s breaches. Too much privilege allowed on personal accounts #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
@itworldca #ITWCchats A1: It's usually someone who opens the attachment in an email or website that they really shouldn't have.
— Blancco Canada (@Blancco_Canada) May 28, 2015
At the risk of generalizing, I think insider threats of various kinds are the most common data breaches. #ITWCchats
— Shane Schick (@shaneschick) May 28, 2015
Q2 What kinds of preventative techniques and tools will be the best at safeguarding company data? What are the pros and cons? #ITWCchats
A2 First thing is legacy Defense in Depth – multiple layers: Firewall – IDS/IPS – URL filter / Proxy for outbound #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
@itworldca A2: As far as IT security controls are concerned, you can't do any better than signature-based anti-virus, can you? 😉 #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
@itworldca #ITWCchats A2: Leave less data around. You clean your house more than once every 10 years. Erase outdated data. #shamelessplug
— Blancco Canada (@Blancco_Canada) May 28, 2015
One of the best ways to safeguard data may be better enforcement of IT security policies. More people may need to get fired. #ITWCchats
— Shane Schick (@shaneschick) May 28, 2015
A2: Implementing role-based access and an information rights management solution #ITWCchats
— Ritesh Kotak (@RiteshKotak) May 28, 2015
@itworldca @Unix_Guru A2: At the end of the day, you need to uniquely ID attackers, meaning that you need at least 2 auth factors #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
Q3 How can companies improve the processes followed by employees to avoid data leaks? #ITWCchats
A3: Acknowledge that internal data breaches are as dangerous as external ones, with employees being a major factor. #ITWCchats
— Tamer Marzouk (@tamer_marzouk) May 28, 2015
@Blancco_Canada @itworldca There's an idea: jettison as much valuable data as possible to become a smaller target! 😉 #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
@itworldca #ITWCchats often education is more beneficial than punishment.
— Blancco Canada (@Blancco_Canada) May 28, 2015
Good points about jettisoning data. That is something I've heard advocated often from privacy experts too. #ITWCchats
— Brian Jackson (@brianjjackson) May 28, 2015
Q4 In face of a data breach, what is the appropriate first response? #ITWCchats
A4: As part of the response plan, communicating the incident and the message delivered is very critical. #ITWCchats
— Tamer Marzouk (@tamer_marzouk) May 28, 2015
A4 Make sure you have a Breach Incident Plan! https://t.co/VY40t7OiN7 #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
@itworldca A4: if the data breach is malicious and especially if it's internal, law enforcement should be involved early on. #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
A4 Rope in every team on board. Comms, PR, you'll have to break the news to clients and/or public. That's hard to do. #ITWCchats
— Sikandar Aftab (@sikandaraftab) May 28, 2015
@C1audiu @Unix_Guru @itworldca #ITWCchats That's if you even notice. Why it's important to limit the data present. Damage reduction is key
— Blancco Canada (@Blancco_Canada) May 28, 2015
@C1audiu @Blancco_Canada @itworldca So what's another few days, if you're now watching the gates and gaining intel? #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
.@itworldca re: timely response, regular security audits and a disaster recovery plan improves your response time dramatically. #ITWCchats
— Sikandar Aftab (@sikandaraftab) May 28, 2015
Q5 What security considerations are important to keep in mind as you continue to build applications and services? #ITWCchats
@itworldca A5 Develop and socialize an Enterprise Secure Coding Programme – http://t.co/1LKmAfUGJs #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
A5: For application development, there exist practices for "security by design" and "secure coding", and others have existed for a while #ITWCchats
— Tamer Marzouk (@tamer_marzouk) May 28, 2015
A5: For services, cloud comes at the top of the list, where security considerations and practices should be a priority #ITWCchats
— Tamer Marzouk (@tamer_marzouk) May 28, 2015
@itworldca #ITWCchats A5 Harden the host, not only the perimeter. Educate. Be relentless. Continuously improve. Being compliant is not secure.
— Blancco Canada (@Blancco_Canada) May 28, 2015
Q6 With increased pressure to discover breaches and launch a timely response, how do you improve monitoring for breaches? #ITWCchats
@itworldca #ITWCchats A6 This we know nothing about. How about ask the hackers nicely to stop and ID themselves… and move on.
— Blancco Canada (@Blancco_Canada) May 28, 2015
@itworldca A6 Rules based detection is no longer able to keep up. Anomaly Detection and Contextual Intelligence are needed. #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
.@itworldca If it fits in your budget, consider outsourcing to a managed service provider #ITWCchats
— Sikandar Aftab (@sikandaraftab) May 28, 2015
@sikandaraftab @itworldca Speaking of which, consider doing a better job of auditing managed security/services providers (& SLAs) #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
@Blancco_Canada @itworldca A6: Map controls to standardized framework. Reduce monitoring to key controls. Baseline r/t alerts. #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
@brianjjackson @c1audiu @unix_guru becoming proactive instead of reactive #ITWCchats
— Ritesh Kotak (@RiteshKotak) May 28, 2015
Q7 What are your thoughts on the Digital Privacy Act? Does it cover all the concerns related to corporate cyber security breaches? #ITWCchats
@itworldca A7: Depending on where you look, the DPA may create more concerns than it addresses #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
@itworldca A7 I dislike the fact that Organizations can share PII WITHOUT CONSENT in the guise of an investigation! #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
The Data Privacy Act is awaiting its 3rd reading in House of Commons before the vote http://t.co/1Tt9WyDGE6 #ITWCchats
— Brian Jackson (@brianjjackson) May 28, 2015
A7: Do we really need more laws? #ITWCchats
— Tamer Marzouk (@tamer_marzouk) May 28, 2015
@itworldca A7 bill completely neglects transparent reporting. Info shared in the guise of an investigation need not be reported #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
PIPEDA is fine as it is… #ITWCchats Enforce it! https://t.co/zobjYEjbUC
— Michael Ball (@Unix_Guru) May 28, 2015
.@itworldca making transparency reports mandatory needs to be added to DPA; would mitigate a lot of blowback against the bill. #ITWCchats
— Sikandar Aftab (@sikandaraftab) May 28, 2015
Q8 How should companies communicate to their customers that their information will continue to remain private after a breach? #ITWCchats
A8: The timing and the content of the message is very important with respect to customer sensitivity in these cases #ITWCchats
— Tamer Marzouk (@tamer_marzouk) May 28, 2015
@itworldca #ITWCchats A8: admit wrongdoing. Show the improvements done to make sure it won't happen again. #simple
— Blancco Canada (@Blancco_Canada) May 28, 2015
@itworldca A8: You mean how can companies keep customers from rightfully panicking & blaming them for failing to protect assets? #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
@itworldca A8 Mass media is still king. Use it. Personal mailed letter to each affected customer. #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
A8: Being truthful, honest and transparent #ITWCchats
— Ritesh Kotak (@RiteshKotak) May 28, 2015
Q9 What effect will additional layers of security and changing practices have on end users in companies? #ITWCchats
@itworldca A9: Aside from the obvious risk on the negative side (which must be controlled), added security should be just that. #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
@itworldca A9 We’ve been layering security infrastructure for years. It’s the process changes that will have the most resistance. #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
@itworldca #ITWCchats overall users become more aware of data security, though at a loss for efficiency and accessibility
— Blancco Canada (@Blancco_Canada) May 28, 2015
A9: Q9 brings the old/new debate: usability vs. security. What about user experience, especially with BYOD? #ITWCchats
— Tamer Marzouk (@tamer_marzouk) May 28, 2015
@tamer_marzouk Good question… A lot of companies trying to find that sweet spot. #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
I think modern MDM solutions are certainly showing there are approaches to mitigate risks of BYOD. Thinking Balance, Knox #ITWCchats
— Brian Jackson (@brianjjackson) May 28, 2015
Q10 How does the rise of unstructured, big data affect corporate security practices? #ITWCchats
@itworldca A10 We should be taking advantage of that wealth of data and associated analytics - identify risks and threat targets #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
@itworldca A10: Big data practices have to fall in line with the same standardized practices that currently protect sensitive data #ITWCchats
— Claudiu Popa (@C1audiu) May 28, 2015
@itworldca #ITWCchats A10 They may as well just give up? I think the real answer is: We don't know yet.
— Blancco Canada (@Blancco_Canada) May 28, 2015
@itworldca A10 DLP can only work if you contextually understand data: Classification works for unstructured data too. #ITWCchats
— Michael Ball (@Unix_Guru) May 28, 2015
A10: Also as important is managing your external data in the cloud and mobile devices #ITWCchats
— Tamer Marzouk (@tamer_marzouk) May 28, 2015
A10: Big data will allow us to do predictive analytics on possible threats and emerging trends in security #ITWCchats
— Ritesh Kotak (@RiteshKotak) May 28, 2015