As the saying goes, “The road to hell is paved with good intentions.” Many IT security professionals have good intentions: to stay compliant and to secure their servers as well as possible. But based on the 2013 Verizon Data Breach Investigations Report (DBIR), data breaches are on the rise, so it’s likely that their efforts are missing some element, and that gap is leading them down the path to an IT security nightmare.
Taking the right preventative measures is one part of a widely discussed subject, but there is another part of security that gets neglected and can help alleviate these potential disasters: the detection of a data breach and a timely alert about it. Apparently, most IT security teams do not have a plan and/or highly capable software in place to detect a data breach or suspicious activity and alert them to it at all, let alone in real time. How else can you explain why 66 percent of discovered breaches “lie undetected for months …,” not to mention how many are left undetected at all?
In addition, when a company is breached, it is most likely not the one that figures it out. “Only 13 percent of breaches are discovered by the affected company,” and 34 percent are discovered by a third party, according to the DBIR.
These statistics perhaps indicate serious blind spots in what should be more robust IT security systems, and they should be a warning to IT security professionals around the world to wake up and pay attention to the urgent need for better surveillance.
Overall, IT security professionals, no matter what industry, big or small, must reconsider what they think they know, question the full range of their current “safety nets,” and perhaps invest even more in stronger, all-encompassing user-monitoring software that covers all blind spots (i.e., upgrading SIEMs/log analysis tools, which are limited, cannot capture all apps and therefore cannot send alerts to the proper authorities).
If you can’t afford to have your data compromised, then money should not be an issue and no time should be wasted. You may have already been breached, and you don’t even know it.
Gaby Friedlander is the co-founder and CTO of ObserveIT. Gaby has built ObserveIT into the leading provider of user-activity monitoring security auditing solutions for Windows, Unix and Linux platforms.