Introduction to Data Security
The world of IT security is an ever-changing environment. From the early Morris worms and Monkey.B viruses to modern hacker tools like Back Orifice and Metasploit, IT security professionals must always be on the lookout for the latest threat to their networks. To make matters worse, it's not always Joe Hacker or the script kiddie sitting in the parking lot sniffing wireless traffic that security needs to worry about. Insider threats pose nearly as great a risk because of the privileged access many users already possess.
IT security professionals must be on constant lookout for zero-day events and keep up to date on the latest security patches from operating system and application vendors. They attend endless training classes and conferences to learn about new methods a hacker might employ against the network.
Metasploit and other hacker applications have made it very simple to attack vulnerable network resources. These applications chain several attacks together simultaneously, taking advantage of unpatched or misconfigured systems and network devices. According to Cisco's 2010 Annual Security Report, one new threat vector IT security must worry about is mobile devices. With the rapid proliferation of tablets, smartphones and netbooks, hackers have begun finding ways to exploit these devices, which exist outside of the network yet have access to sensitive corporate data.
Attacks targeted at specific industries, or even nation states, such as Stuxnet, may serve as a blueprint for new threats because of their complex nature and sophisticated coding. Of late, ubiquitous applications like Adobe Acrobat have become targets for hackers, who place compromised PDFs on websites and file shares.
Adding Up the Numbers
The Ponemon Institute released a benchmark study of US companies in July of 2010. It found that the average cost of cybercrime is $3.8 million per year, with over 50 successful attacks per week for its sample companies. Ninety percent of all cybercrime stemmed from web-based attacks, the introduction of malicious code and malicious insiders. The average time to resolve a cyber attack was 14 days, costing on average $17,696 per day.
There is a silver lining in the research. Companies with strong security postures mitigate the effect and cost of a cyber attack by nearly 24 percent. Adopting security frameworks along with defense in depth using best-in-breed solutions moderates the overall impact of an exploit on a company.
Dealing with Threats
Companies that take a strong posture toward these emerging data security issues and concerns are able to detect attacks faster and resolve them more quickly at a lower cost. Adopting frameworks like those published by the Center for Internet Security or the PCI DSS gives security professionals best practices to harden their networks.
Establishing incident management policies and procedures enhances their ability to deal with threats quickly using technology like firewalls, intrusion detection and security event management. Host-based file integrity monitoring and logging applications give IT security professionals a continuous view into the state of the network and the ability to quickly find the forensic trail a hacker leaves behind.
Ultimately, continuous training of not only the IT security staff but also the average end user lowers the risk of insider activity resulting in the loss of data. The risk of falling prey to phishing or spam attacks is lowered when security training is offered to all employees in an organization.
Cisco 2010 Annual Security Report, retrieved at https://www.cisco.com/en/US/prod/vpndevc/annual_security_report.html
ArcSight and Ponemon Institute: First Annual Cost of Cyber Crime Study, retrieved at https://www.arcsight.com/press/release/arcsight-and-ponemon-institute-release-first-annual-cost-of-cyber-crime-stu/