Following the news about the Yahoo’s data breach, Raj Samani, CTO EMEA Intel Security commented below that why large corporations continue to fall victim to attacks of this magnitude – and why they can go undetected for so long.
Raj Samani, CTO EMEA at Intel Security:
“With the scale of Yahoo’s attack going undetected for two years, hackers have had time to cause even more destruction. Customers who continue to re-use their authentication data for multiple accounts could be vulnerable to attack from multiple sources – with hackers even accessing accounts that customers had forgotten they ever set up.”
“How is it that huge organisations with data loss prevention (DLP) solutions in place are still suffering breaches of this magnitude?
“Many well intentioned CISOs or CIOs fund DLP projects in an effort to protect their organisations, but forget that awareness and buy-in from business units is critical to success. With poor scope definition and priorities, these organisations might achieve a very basic monitoring level, but they rarely move beyond that. Without any real collaboration between business units, a DLP program has little chance of gaining traction.
“With cyber security threats rising at such a rapid rate, organisations are having to come to terms with the fact that it’s fast becoming a question of ‘when’, not ‘if’, they suffer a breach. As such, protecting the network and detecting a threat is not enough. Organisations need strategies in place that are set up to correct systems in the event of an attack – minimising damage to the organisation and its customers.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.