OPM Breach Highlights Need for Continuous and Contemporary Security
By Todd Weller, VP, Corporate Development, Hexis Cyber Solutions
News of the attack on the U.S. Government’s Office of Personnel Management (OPM) has
appeared far and wide. As a result of this attack, it is believed that personal data on 4 million
current and former federal employees was stolen. Many of the comments I’ve seen or heard
on the topic sound like a broken record: “It’s not if but when!” and “Legacy signature-based
solutions are inadequate!” Both of which are true, by the way. “It’s China!” and “No, it’s [enter
other suspected bad guy here]!” I’m not sure it really matters.
Here are what I consider to be the most important things to think about in light of the latest OPM
attack:
• Security requires a “continuous” mentality. Attacks are continuous, not episodic.
The OPM experienced a breach in March of 2014 and a year later it’s dealing with
another breach. Sally Beauty Supply was breached in 2014 and recently experienced
another breach. Get the picture?
• Continuous monitoring is critical. Continuous attacks require continuous monitoring.
Frankly, I think continuous monitoring is widely accepted at this point with many
organizations investing significant dollars in detection solutions, SIEMs, etc. It’s
essential, but it isn’t enough.
• Deploying more contemporary security solutions can help. It’s become
clear that in order to gain increased visibility into environments and detect today’s
threats, organizations need to deploy more contemporary detection solutions and
security analytics capabilities. In the case of OPM, following its March 2014
breach it undertook “an aggressive effort to update its cybersecurity posture
adding numerous tools and capabilities to its networks.” With respect to the
Cyber Warnings E-Magazine – June 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide