Even a casual glance at newspaper headlines reveals that the number of security breaches across the globe has gone up drastically. Dunkin' Donuts recently reported a security breach that affected consumers who had signed up for its rewards program, DD Perks. Marriott too disclosed a massive data breach exposing personal and financial information on as many as half a billion customers.
Equifax, the leading US-based credit-rating agency, suffered a high-profile breach last year. A House Oversight Committee report blamed the breach on the company's sub-par security practices and policies and on systems that were 'old and out-of-date'.
Even the likes of Facebook and Amazon haven't been able to prevent breaches. Facebook has reported three major breaches, which have compromised the data of about 50 million users. Amazon suffered a major data breach just two days ahead of Black Friday, in which some customer names and email addresses were inadvertently disclosed on its website.
Of course, not all of these breaches were caused by malicious intent. For example, Amazon attributed its breach to a technical error. Nevertheless, the damage that a security breach causes to a company's reputation is massive. There are also financial implications, such as fines. For instance, Facebook may have to cough up a billion-dollar fine for its data breaches.
While each of these breaches had different causes and motivations, one interesting fact is that all these organisations did have security infrastructure in place. However, it did not work.
So, as we enter the new year, it will be worthwhile to revisit your organization’s threat detection and response solution and ensure that it is indeed well-equipped to deliver. Here are some points to review.
Changing Threat Landscape
Security is extremely complicated. For one thing, the threat landscape is evolving rapidly. Every few weeks, new ransomware makes an appearance, and new threats emerge every single day. So, while your organization may already have invested in a Managed Detection and Response (MDR) solution, you need to explore whether the solution is equipped to handle new and emerging threats.
As the threats have evolved, so has the technology to combat them. For instance, the use of the cloud can help ensure more real-time insights. Analytics and Machine Learning can help generate more zero-day flags and identify threats that a human might miss. Knowing how your MDR vendor uses technology and, more importantly, understanding its future technology roadmap is a useful exercise.
Speed and Expertise
The longer malware or a threat stays in the environment, the greater the risk that it can compromise your data. Therefore, you need to consider both the speed at which the threat is detected and the expertise that the vendor has in handling such incidents.
As we enter 2019, the threat landscape may be even tougher with new-age hackers, geopolitical developments and emerging technologies. For our part, we at SISA are focused on innovation around building our scale and speed through the use of AI/Machine Learning techniques.
A robust MDR solution that is well-equipped to handle the new threats will be the key for you to sleep well at night!