To your everyday man on the street, Verizon Communications is an American broadband and telecommunications company. But to those of us in the IT security line, Verizon is also one of the frontliners in the fight against cybercrime, responsible for helping many Fortune 500 companies respond to massive data breaches.
But in a tragic turn of events, Brian Krebs reported last week that Verizon has suffered a data breach, resulting in the theft of 1.5 million records of their customers’ information.
While this might seem ironic to most, it’s really not- it’s a reminder to all organisations, especially those in the IT security sphere, that no one is ever 100% safe, 100% of the time.
Why is that?
Since the beginning of IT security, companies have seen their business teams and security teams as being two different entities, who have nothing to do with each other.
That kind of thinking may have cracked it 15 years ago, but operating that way in today’s metagame is going to get you hacked. Big time.
Even if one part of your business consists of security researchers who analyse and write about every major hack of our generation, whether their expertise is being utilized is another matter entirely.
The Human Element
A large number of security breaches can be linked back to the human element- an employee who missed a critical security patch, a critical error notification that was missed, one bad email click — any of these things, and more, could give cybercriminals the opening they are looking for.
Phishing emails are the perfect example of how vulnerable the human element makes organisations — it was reported that in the last 2 months, 7 companies have fallen for phishing attacks.
And regardless of how big of a security expert you might be, you are never truly off the hook (pun intended) — 52% of cybersecurity experts surveyed revealed that they are not confident that they can spot a phishing email. Even a top privacy and security regulator working for the Federal Trade Commission fell for an email scam, in a moment of flawed judgment. (Read more about that here).
An Ever-Changing Network Geography
What’s considered safe today could be a gaping hole in your security systems tomorrow. New vulnerabilities are being found everyday, and missing a critical patch could give hackers the way in they have been looking for.
Constantly Under Attack
Big organisations are fighting a war against hackers 24/7. One large Chinese retailer told us that they can be attacked as often as 1,000 times a day.
The sad truth is, you can defend your systems for years, but it can all come crashing down the moment one hacker finds his way in.
If every network is as vulnerable as they sound, does that mean that all a business can do is wait for the inevitable breach?
No, Because You Can Protect Your Data, Even If You Get Hacked.
One security measure that will never go out of style is understanding your data. This means knowing, at all times, what you have that hackers want. And that’s important, because if you don’t know what you have, you can’t keep it away from the bad guys.
Many businesses focus heavily on keeping bad guys out of their systems, when really they should also be thinking about the backup plan: so what happens if they do get in? What would they be interested in stealing from us? How do we keep our valuables out of their reach?
A great way to answer these questions, and provide a solution to the very problem, is by using Ground Labs’ sensitive data management tool, Enterprise Recon. It allows you to scan your entire network for anything hackers might be interested in stealing, ranging from credit card numbers to employee information.
If you can neither confirm nor deny if you have sensitive data on your systems, don’t worry- you’re far from being alone. Sign up for a free trial of Enterprise Recon today, and take the first step towards understanding your data.