Page 70 - Cyber Warnings
P. 70
Turning the Tables on Cyber Fraud
By Robert Capps, vice president of business development, NuData Security
The Identity Theft Resource Center reports that so far this year, 572 data breaches have taken
place, exposing approximately 13.5 million records. This, despite all the heightened security
measures, both internal and external, that organizations have deployed to keep their data safe.
At the same time, consumers claim to be concerned about keeping their data safe online but
continue to employ unsafe practices such as using the same easy password for multiple
accounts and sharing account information with friends and family.
These realities make cybersecurity seem like a pipe dream – but it’s far too important to give up
on. However, there is a way for organizations to grapple with these twin challenges and still
protect their entity and their customers – because ultimately, it’s all about the data. As long as
it’s valuable, it will be stolen. Efforts to devalue data will be the most impactful actions an
organization can take to reduce the number, scope and impact of breaches. So how is this
accomplished? Read on.
The Never-Ending Battle
Trying to control what happens to data once it has been stolen is like trying to herd cats.
In addition, cybercriminals have numerous ways to attack – and they keep finding more. It’s
similar to physical crime or terrorism in that way. It’s not feasible to protect a soccer stadium, for
example, against all possible attack vectors—from every entrance, from the sky, from
underground—let alone means of attack that security teams haven’t thought of yet.
For these reasons, it’s a never-ending, seemingly pitched battle to keep data secure.
The fact is that every time we get it wrong, something bad happens. Sometimes very bad, as in
stock-plummeting, customer-fleeing, company-destroying bad.
Becoming Proactive
To lower the odds of getting data security wrong, organizations must create a security culture
that seeps into every aspect of doing business. Education is key – the mindset has to change,
not just the product. This requires a proactive approach versus a reactive one.
What does this look like in practical terms? Whereas perimeter and infrastructure defenses tend
to be reactive, being proactive means observing consumer behavior with much higher fidelity.
Traditionally, analysis has tended to be rather superficial. To truly understand and know the
user, you need to look deeper. This includes looking for signals you wouldn’t normally look for—
how fast someone types, how hard they hit the keys, how a user interacts with a website, etc.—
the types of signals that are often ignored.
70 Cyber Warnings E-Magazine – August 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
