Blog

IT Security: You're Doing it Wrong

  • author image

As the saying goes, “The road to hell is paved with good intentions.” Many IT security professionals have good motives to comply and secure their servers the best way possible. But based on the 2013 Verizon Data Breach Investigations Report (DBIR), data breaches are on the rise, so it’s likely that their actions are missing some element(s) that is leading them down the path to an IT security nightmare.   

IT security imageTaking the right preventative measures is one part of a largely discussed subject, but there is another part of security that gets neglected and can help alleviate these potential disasters — the detection and timely alert of a data breach. Apparently, most IT security teams do not have a plan and/or highly capable software in place to detect and alert them of a data breach, or suspicious activity at all, let alone alert them in real time. How else can you explain why 66 percent of discovered breaches “lie undetected for months …,” not to mention how many are left undetected at all? 

In addition, when a company is breached, it’s also most likely that they’re not the ones figuring it out. “Only 13 percent of breaches are discovered by the affected company,” and 34 percent are discovered by a third party, according to the DBIR.  

These statistics are perhaps indicative of serious blind spots in what should be a more robust IT secured system, and it should be a warning to IT security professionals around the world to wake up and pay attention to the urgency of better surveillance. 

Overall, IT security professionals, no matter what industry, big or small, must reconsider what they think they know, question the full range of their current “safety nets,” and perhaps invest even more in a stronger, all-encompassing user-monitoring software that covers all blind spots (i.e., upgrading SIEMs/log analysis tools, which are limited and cannot capture all apps and cannot, therefore, send alerts to the proper authorities).  

If you can’t afford to have your data compromised, then money should not be an issue and no time should be wasted. You may have already been breached, and you don’t even know it.  

Gaby Friedlander is the co-founder and CTO of ObserveIT. Gaby has built ObserveIT into the leading provider of user-activity monitoring security auditing solutions for Windows, Unix and Linux platforms. Connect with Gaby on Google+.

Post Your Comment




Leave another comment.

In order to post a comment, you must complete the fields indicated above.

Post Your Comment Close

Thank you for your comment.

Thank you for submitting your comment, your opinion is an important part of SandHill.com

Your comment has been submitted for review and will be posted to this article as soon as it is approved.

Back to Article

News You Can Use

Click here for news releases:

  • Is Data Science Dead? Watch the Carpe Datum Rx Debate - April 30
  • Join Ray Wang at SafeNet Lunch & Learn - May 8
  • Preparing for IPO: Streamlining Compliance in the Cloud - April 23

 

 

 

 

 

 

 

 

Topics Related to this Article