Preparing for a Data Breach: A New Mindset

Change the way you protect your organization by securing the real target of attacks - the data

A new mindset for data security is needed if organizations are to stay ahead of the attackers and more effectively protect their intellectual property, data, customer information, employees, and bottom lines against data breaches in the future.

A New Mindset for Data Security

Breach Prevention Alone Has Failed

The 2016 Breach Level Index from Gemalto shows that data breaches are very much a growing threat for organizations. The number of records compromised is remarkable, considering the lengths many organizations go to in order to protect their data.

It’s apparent that a new approach to data security is needed if organizations are to stay ahead of the attackers and more effectively protect their intellectual property, data, customer information, employees, and their bottom lines against data breaches in the future.
Security is consuming a larger share of total IT spending, but security effectiveness against the data-breach epidemic is not improving at all. Enterprises are not investing in security based on reality as it is; they’re investing based on reality as it was: a bygone era where hackers were glory-seeking vandals, sensitive data was centralized, and the edge of the enterprise was a desktop PC in a known location. In that reality, network firewalls and other network perimeter “breach-prevention” technologies were good enough. Unfortunately, yesterday’s “good enough” approach to security is obsolete in an age where data is distributed across and beyond the enterprise, and hackers, whether skilled criminals or insiders (both malicious and accidental), are a constant threat to data.

There is nothing wrong with network perimeter security technologies – they are an added layer of protection. The problem is that many enterprises today rely on them as the foundation of their information security strategies, and unfortunately there is really no fool-proof way to prevent a breach from occurring. Alarmingly, market trends show that the lion's share of organizations have no plans to change this approach. According to IDC, of the $37.9 billion enterprises spent on security technology in 2016, more than 30% ($11.4 billion) was invested in network perimeter security.

From Breach Prevention to Breach Acceptance

The Breach Level Index indicates that data breaches have been increasing in frequency and size over the last couple of years. So by definition, breach prevention is an irrelevant strategy for keeping out cybercriminals. In addition, every organization already has potential adversaries inside the perimeter. Disregarding these internal threats not only invites blatant misuse but also fails to protect against accidental carelessness. Even non-malicious behaviors, such as bringing work home via personal email accounts, losing devices, storing data on USB drives, and vendors unknowingly sharing network log-in credentials and passwords, are a few examples of how easy it is to innocently leak sensitive data.
In today’s environment, the core of any security strategy needs to shift from “breach prevention” to “breach acceptance.” And, when one approaches security from a breach-acceptance viewpoint, the world becomes a relatively simple place: securing data, not the perimeter, is the top priority. Securing the data is a challenging proposition in a world where cloud, virtualization and mobile devices are causing an exponential increase in the attack surface. Many organizations might be inclined to address this problem with a ‘containment’ strategy - limiting the places where data can go, and only allowing a limited number of people to access it. However, this strategy of “no” – where security is based on restricting data access and movement – runs counter to everything technology enables today. The mandate today is to achieve a strategy of “yes,” which is built around the understanding that the movement and sharing of data is fundamental to business success.

From Breach Acceptance to Securing the Breach

It’s one thing to change mindsets. It’s another to implement a new approach to security across an organization. While there is no “one size fits all” prescription for achieving the “Secure Breach” reality, there are three steps that every company should take to mitigate the overall cost and adverse consequences that result from a security breach: control access and authentication of users; encrypt all sensitive data at rest and in motion; and securely manage and store all of your encryption keys. By implementing each of these three steps in their IT infrastructure, companies can effectively prepare for a breach, and avoid falling victim to one.

It’s not a question of if your network will be breached; the only question is when. With the velocity of business increasing, new technologies constantly being deployed, and new and sophisticated attacks regularly being launched, it is only a matter of time before your business is hacked.
Learn more at: www.securethebreach.com
3 steps

By implementing a three-step approach (encrypting all sensitive data at rest and in motion, securely managing and storing all of your keys, and controlling access and authentication of users), you can effectively prepare for a breach.

Secure the Breach


This brief video will introduce a new perspective in accepting that a breach will happen; we call this Breach Acceptance. When companies adopt the Secure the Breach mindset, they will fundamentally change the way they protect their organization by securing the real target of attacks -- the data -- rather than securing the vector.




A Three Step Approach to Data Security

  1. Encrypt the Data

     Locate where sensitive data resides, and encrypt it. Whether the data is in physical networks, virtualized environments, the cloud, or in motion, encryption will obscure and protect vital information.

  2. Store and Manage Keys

     You cannot safely encrypt data without a crypto management platform. Store keys in a vault away from any encrypted data, and implement a process to limit access to keys and to rotate, revoke, and reissue them.

  3. Control User Access

     Determine who has access to the data, implement strong authentication of users, and establish a verification process. Define user access levels, and automate a way to provision and manage tokens and users.
