What lessons can companies learn from getting breached?

In a sense, getting stung can be the key to taking notice — and maybe that’s a blessing in disguise.

IT security is a topic often seen as solely the IT department’s concern. For management, the means taken to protect the company from cyber-crime can often be viewed as an extra cost to the business that doesn’t add to revenue. Our own research found that more than half of IT professionals believe their senior management does not take enough responsibility for cyber-security.

Just like you might take a vaccination before you go on holiday to protect yourself from diseases, perhaps a breach can act as an inoculation to anything more serious.

But rather than waiting for a breach, what if security were seen as more of an investment?

An anonymous IT pro once revealed to us that his company secured a major deal worth £300k because the company’s security was tighter than the competition’s. That deal could’ve gone a long way to paying for the company’s IT security, proving it a worthy asset for any business.

It’s easy to take the attitude that ‘it wouldn’t happen to me’, but a company that gambles with its sensitive data in this way to cut costs could end up in a far worse position financially. It’s always better to be safe than sorry.

Are companies learning the right lessons?

Becoming a victim doesn’t seem to lead to the implementation of security measures that should always have been in place. A common reaction after a breach is to burden teams with more complex and often more costly technology, which only impedes and confuses users further.

Employees remain the biggest threat to a company’s security, but blaming a member of staff who has inadvertently fallen for a phishing attack is never the right route to take.

Stop blaming your users

[Infographic: blaming users for compromised credentials]

We’re all human, and therefore liable to making mistakes. It only takes one time and one slip up for an opportunistic hacker to get lucky; even the most eagle-eyed IT manager or efficient security software could miss something vital. Rather than playing the blame game, start protecting the staff instead.

Educating users, whilst useful, is not enough to prevent a hack. We all know sharing passwords is a bad idea. But how many people would ignore this and fold under the pressure of their boss asking?

Seeing is believing

Visibility is the key to making senior management aware of cyber-security risks. Software tools such as UserLock can show unsafe password practices and other risky behavior happening around the office in real time. Seeing is believing: a snapshot of these dangerous behaviors helps increase understanding of the risks they pose and helps senior management take more notice.

[Screenshot: monitoring and tracking logons to show unsafe user practices in real time]

Contextual security to protect users and not frustrate IT

Compromised user logins feature in nearly all attacks. UserLock protects exploited users by making genuine but compromised logins useless to would-be attackers: it stops the attacker from logging on and therefore from moving within the network.

It also outright restricts certain careless behavior to protect users from themselves (password sharing, shared workstations left unlocked, logging into multiple computers simultaneously, access outside of authorized hours or locations).

It also ensures access and actions are attributed to an individual employee. This accountability discourages many malicious actions, ensures IT can quickly respond to suspicious activity and offers your company excellent evidence to address violations that may occur.
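The two ideas above, surfacing risky logon behavior and restricting logons by context, come down to the same check: before valid credentials are accepted, compare the attempt against what is normal for that account and record who did what. The following Python is an added illustration written for this page; it is not UserLock’s code and not from the original post. It evaluates each logon against authorized hours, authorized workstations and a concurrent-session limit, flags a second live session from another machine as probable credential sharing, and writes every decision to an attributed audit trail. The policies, user names, workstation names and logon events are all constructed for the example.

```python
"""Contextual logon control (added example, not UserLock code).

Each logon attempt is checked against per-user context rules before valid
credentials are accepted, and every decision is attributed to a user,
workstation and time. All policies and events below are constructed.
"""
from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional


@dataclass
class Policy:
    allowed_hours: tuple            # (start, end) as datetime.time; wraps midnight if start > end
    allowed_workstations: Optional[set]  # None means any workstation is acceptable
    max_concurrent_sessions: int


@dataclass
class Session:
    user: str
    workstation: str
    started: datetime


class LogonGuard:
    def __init__(self, policies, default_policy):
        self.policies = policies          # user -> Policy (hypothetical per-user rules)
        self.default_policy = default_policy
        self.active = {}                  # user -> list of live Session objects
        self.audit = []                   # every decision, attributed, oldest first

    @staticmethod
    def _within_hours(when, hours):
        start, end = hours
        t = when.time()
        if start <= end:
            return start <= t <= end
        return t >= start or t <= end     # window that crosses midnight

    def evaluate(self, user, workstation, when):
        """Decide a logon attempt; returns (allowed, reason) and records it."""
        policy = self.policies.get(user, self.default_policy)
        sessions = self.active.setdefault(user, [])
        allowed, reason = True, "ok"

        if not self._within_hours(when, policy.allowed_hours):
            allowed, reason = False, "outside authorized hours"
        elif (policy.allowed_workstations is not None
              and workstation not in policy.allowed_workstations):
            allowed, reason = False, "unauthorized workstation"
        elif len(sessions) >= policy.max_concurrent_sessions:
            allowed, reason = False, "concurrent session limit reached"
            other_hosts = sorted({s.workstation for s in sessions if s.workstation != workstation})
            if other_hosts:
                # The same account live on another machine is the usual sign of a
                # shared or stolen password, so say so in the audit record.
                reason += "; possible credential sharing with " + ",".join(other_hosts)

        if allowed:
            sessions.append(Session(user, workstation, when))
        self.audit.append({"user": user, "workstation": workstation,
                           "time": when.isoformat(), "allowed": allowed, "reason": reason})
        return allowed, reason

    def logoff(self, user, workstation):
        self.active[user] = [s for s in self.active.get(user, [])
                             if s.workstation != workstation]


def run_demo():
    """Replay a constructed sequence of logon attempts; returns the audit trail."""
    finance = Policy((time(8, 0), time(18, 0)), {"WS-FIN-01", "WS-FIN-02"}, 1)
    anyone = Policy((time(0, 0), time.max), None, 3)
    guard = LogonGuard({"alice": finance}, anyone)

    guard.evaluate("alice", "WS-FIN-01", datetime(2023, 3, 6, 9, 0))    # normal start of day
    guard.evaluate("alice", "WS-FIN-02", datetime(2023, 3, 6, 9, 5))    # same account, second PC
    guard.logoff("alice", "WS-FIN-01")
    guard.evaluate("alice", "WS-FIN-01", datetime(2023, 3, 6, 22, 0))   # late-night attempt
    guard.evaluate("bob", "KIOSK-07", datetime(2023, 3, 6, 12, 0))      # unrestricted account
    guard.evaluate("alice", "WS-HR-09", datetime(2023, 3, 7, 10, 0))    # valid password, wrong PC
    return guard.audit


if __name__ == "__main__":
    for entry in run_demo():
        verdict = "ALLOW" if entry["allowed"] else "DENY "
        print(f'{verdict} {entry["time"]} {entry["user"]}@{entry["workstation"]}: {entry["reason"]}')
```

The second and fifth attempts are the ones the post is about: the password is correct in both cases, yet the context (a second simultaneous session, or an unfamiliar workstation) is enough to refuse the logon and to leave an attributed record that IT can act on without having to blame the user who lost the password.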

To learn more about what a data breach looks like and how to thwart data breaches, read our white paper on the key indicators of compromise.


This is a Security Bloggers Network syndicated blog from Enterprise Network Security Blog from ISDecisions, authored by Chris Bunn.