The new Thales Data Threat Report produced with The 451 Research codifies and questions enterprise security spending priorities. Among the key points: 26% of organizations responding experienced a breach in the last year and 30% say their organizations are very or extremely vulnerable; and organizations are spending on endpoint & network security. 451 analysts urges organizations to embrace newer security technologies. IT security experts from Balabit, STEALTHbits Technologies, CipherCloud, VASCO Data Security and Prevoty commented below.
Sándor Bálint, Security Lead for Applied Data Science at Balabit:
“It’s all too easy to chastise organizations for a perceived misalignment of security spending priorities – it is another thing to actually be at the helm and making the calls. For many security managers, it feels like trying to plug a thousand holes in a boat, while behind you someone’s pointing out that the water’s rising and you haven’t plugged everything yet.
“The best advice I can give other security professionals: if you have the basics in place, then spend your first security budget dollars to improve monitoring. Collect and analyze logs, preferably using tools that allow fast drill-down and also help connect the dots with features such as advanced anomaly detection and behavioral analytics. Do vulnerability scans, perform audits. Once you understand what is going on in your organization, you’ll know where the risks are and where to spend your next budget dollars. Read reports and vendor recommendations, but know that ultimately the buck stops with you.”
“While it’s without question that newer technologies represent an exciting future in the fight against cyberattacks, the facts also support the argument that the technologies needed to prevent successful data breaches are here today, and have been for some time. While the entry points attackers take into an organization are widely varied, their tactics once inside are highly consistent and largely unsophisticated by today’s measures. Recent studies have found that simple misconfigurations in OS security settings and a general lack of ability to measure an organization’s adherence to the best practices they’ve committed to adopt is largely to blame for the continued success attackers have had over the years.
“Are new technologies needed to stop today’s threats? Absolutely. But, at the end of the day, every attacker is after two things; the data they want to steal, and the credentials they need to access that data. Focus on securing the very two things attackers are after, rather than how they get there, will ultimately yield the best results in the end.”
“Thales, the organization that designs technology ranging from Train Station signage, through nuclear submarines to nation state grade encryption algorithms. It’s safe to say that when an organization such as Thales releases reports of this kind, we really should take it seriously.
“By far the most prevalent method for Ransomware delivery is email – a platform that virtually circumvents end-point and network layer security. It’s also worth notig that “Insider Threat’, where an administrator who has escalated privileges and therefore the encryption keys to sensitive data at rest can circumvent encryption level security. The Thales report highlights the need to protect – at source – the two most critical elements: Credentials and Data.
“Credentials are used to gain access to data, and those credentials in 95% of organizations are held and managed by Active Directory. Protect Active Directory and you massively reduce the risk to data at rest. The next step is to add a secondary layer to protect organizations from the insider threat, and that could be to override underlying weak native permission models. Build your security model outwards from the targets of the attack – data-at-rest and credentials.”
“Many businesses have an outdated mindset when it comes to cybersecurity. Investments in network and endpoint security extend the old perimeter security model – get bigger locks to keep the bad guys out. But with the explosion of cloud computing, the network perimeter becomes irrelevant, as vast amounts of infrastructure, processing, and storage are done outside of legacy network boundaries. This change requires a challenging pivot – focusing on protecting data wherever it goes – not just in known locations.”
.
Shane Stevens, Director of Omni-Channel Identity and Trust Solutions at VASCO Data Security:
“When it comes to data security, businesses continue to deal with balancing priorities between transformation and operations, and current operations tip the scale. The demands are tactically to fix, band-aid and quickly address issues, which leads to leveraging current infrastructure, tools, software and resources, and pulling back on budgets for strategic solutions and technology advancements that today do not allow product to produce a holistic solution. Most companies are not structured to allow operations and innovation to exist in organizational harmony. This is why we continue to see passwords still around, simplified multifactor authentication still scarce and data breaches continuing to rise.”
“Enterprises are used to the concept of a perimeter, the network, and access doors , the end-points, so naturally they focus spending on keeping the wall up to keep the bad people outside out. The reality is that this infrastructure only exists because of the software that runs on it, and that software does not live within a perimeter anymore. If you ask any infosec specialist what visibility they have in the threats that are attacking their software and data, they most likely will have no answer. This is where we need to focus our investment, intelligence and defense – for software and data wherever it is.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.