/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow Us- Anand Naik, MD -Sales, India & SAARC, Symantec
Data breaches have the potential to not only cause monetary loss but also affect the company's overall reputation amongst customers and general public. Information, which is one of the most critical resources accessible 24X7 from anywhere, is also the most important asset to be safeguarded. However, rising IT trends such as cloud, mobility and virtualization, coupled with the dispersion of information across devices, platforms, have created several avenues for information to be compromised. The number of external and internal threats targeting information is directly proportional to the increasing monetary value of information.
The Symantec Cost of Data Breach Study found that Indian organizations which take a more strategic approach to information security experience better outcomes. Twenty five per cent of the respondent-organizations had employed a Chief Information Security Officer and centralized the management of data protection; these experienced a 46 per cent lower cost of a data breach than those without a C-level officer responsible for information security.
The adage that precaution is better than cure holds true even in the case of security risks. Here are some steps for organizations to achieve such a security strategy, protecting data at rest and in motion, whether devices are on or off the network, and regardless of where it resides:
Classify information: To protect data, one must first know where it is, how it is used and what is critical to the organization. Classifying data and defining who has access to what is the first step. Role-based information access must be ensured and critical data must be secured with multiple layers of protection.
Stop Incursion: The top four means of hacker incursion into a company's network are through exploiting system vulnerabilities, default password violations, SQL injections, and targeted malware attacks. Core systems protection, IT compliance controls assessment automation, and endpoint management, in addition to endpoint, Web, and messaging security solutions, should be combined to stop targeted attacks.
Use Security Information and Event Management Systems: To help identify and respond to the threat of a targeted attack, security information and event management systems can flag suspicious network activity for investigation. The value of such real-time alerts is much greater when the information they provide can be correlated in real time with current research and analysis of the worldwide threat environment.
Proactively Protect Information: In today's connected world, it is no longer enough to defend the perimeter. Now organizations must accurately identify and proactively protect their most sensitive information wherever it is stored, sent, or used. By enforcing unified data protection policies across servers, networks, and endpoints throughout the enterprise, organizations can progressively reduce the risk of a data breach.
Data breach policies and employee behavior: A significant percentage of data leaks in organizations are a result of employee error. Not only should strong policies be established and automated, employees need to be informed of their importance. Data security training sessions must be facilitated as organizational initiatives, along with a clear indication of company policies around the way data is handled.
Automate Security through IT Compliance Controls: To prevent a data breach caused by a hacker or a well-meaning or malicious insider, organizations must start by developing and enforcing IT policies across their networks and data protection systems. By assessing the effectiveness of the procedural and technical controls in place and automating regular checks on technical controls such as password settings, server and firewall configurations, organizations can reduce the risk of exposing sensitive information.
Prevent Data Exfiltration: In the event a hacker incursion is successful, it is still possible to prevent a data breach by using network software to detect and block the exfiltration of confidential data. Well-meaning insider breaches that are caused by broken business processes can likewise be identified and stopped.
Integrate Prevention And Response Strategies Into Security Operations: In order to prevent data breaches, it is essential to have a breach prevention and response plan that is integrated into the day-to-day operations of the security team.
Enhance coordination between business and IT groups: Data loss is never just an IT risk; it often has severe business implications. Therefore, it needs to be addressed as a business problem with due consideration given to its overall impact on the business. It is beneficial to bring together key-stakeholders of the business together to discuss and understand implications of data breaches.