This weekend, The San Francisco Chronicle reported on PayPal and other companies buying stolen data from criminals, detailing the process and its importance to counter intelligence investigations. Mark Bower, global director, product management for HPE Security, have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Mark Bower, Global Director of Product Management, Enterprise Data Security for HPE Data Security :
“The strategy of buying samples of stolen data can help with forensic investigations and an understanding of the criminal value chain where stolen data is bought and sold. Secondly, having access to what was stolen can help pattern match the digital fingerprints of data flows to track down points of leakage where live data is exposed to attacks.
This may help close gaps in sensitive data handling, but better still, help build the case for the deployment of newer preventative technologies that can be applied to stop these kinds of breaches in the first place, versus a ‘gap by gap’ remediation approach.
Modern data-centric security, the technology of choice to deliver this end-to-end encryption approach to minimize the need for any clear data exposure, reducing gaps broadly, and ensuring attackers get nothing of value when they do penetrate enterprise systems.”[/su_note]
[su_box title=”About HPE Security” style=”noise” box_color=”#336588″]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.