



abandoned due to the manual efforts required to maintain the constantly changing classification states. However, emerging big data risk management systems come with so-called dynamic grouping capabilities that provide drag-and-drop capabilities to realign classifications and then propagate changes to all associated nodes.

Data classification will subsequently determine what data should be encrypted, which typically applies to all personally identifiable information (PII). Innovations in encryption technology over the past few years have eliminated many of its earlier performance and deployment roadblocks. Organizations should place special emphasis on developing well-documented and properly implemented encryption policies, which should be applied to all sensitive data, wherever it resides and however it is transmitted.

Access control is the Achilles heel of many security programs, since practitioners have to balance data availability versus unauthorized data usage (e.g., theft, disclosure, modification, destruction). Meanwhile, hackers often target privileged users since their accounts provide a beachhead into the entire network. Therefore, strict enforcement of well-defined access control policies and continuous monitoring of access paths to ensure they are working as intended are essential for the success of data integrity initiatives.

Last but not least, organizations should implement practices to certify uncorrupted data transmission. Worst-case scenarios here include the manipulation of stock market data by cyber-attackers before it is publicly disseminated.

2. Continuous Monitoring

To ensure proper cyber security visibility, many organizations are relying on multiple, best-of-breed, silo-based tools (e.g., fraud and data loss prevention, vulnerability management, or SIEM) to gather the necessary security data. This only adds to the volume, velocity, and complexity of data feeds that must be analyzed, normalized, and prioritized. Unlike adaptive authentication, which is being used to automate behavioral pattern analysis for fraud prevention in the payments industry, most security tools lack the capability to provide self-analysis. Instead, security operations staff are often required to piece together data from different sources, connect the dots, and detect suspicious patterns that would indicate a cyber-attack or data breach. Unfortunately, relying on manual processes to comb through mountains of logs is one of the main reasons that critical issues are not being addressed in a timely fashion. The Target breach was a good example. The right tools were in place and reported the intrusion, but due to the volume of data that the outsourced security operations team needed to assess on an ongoing basis, the data breach was not detected in a timely fashion. In fact, authorities were alerted to the breach by a third party, which according to the Verizon Data Breach Investigation Report is not uncommon.

Big data in security becomes even more daunting when you consider that cyber criminals are increasingly targeting third-party vendors to gain backdoor access to data at large, well-protected global organizations. As a result, it is no longer sufficient to simply focus on an organization's internal security posture. We also need to safeguard against





CYBER DEFENSE MAGAZINE - ANNUAL EDITION 3