Last year's data/compliance breaches at large enterprises like Deutsche Bahn, NHS, Honda and Anthem are a reminder that current levels of threat vigilance need to step up. In 2018 data visibility becomes a key area for organisations to control if they are to enjoy improved success rates against threats, both old and new. Data breaches spell falling stock prices, reputational damage, compliance failure, service disruption and major expense.
Already in 2018 there have been several high-profile cybersecurity incidents, including Carphone Warehouse in the UK, US Homeland Security and India's Aadhaar. Each of the following five security industry trends is a compelling reason in its own right for large enterprises to keep a closer eye than ever on their data. Taken together, they serve as a call to action: respond, or risk joining this year's growing list of breach victims:
1. Increased pressure on customer data and intellectual property
Customer data has become central to managing customer relationships while company intellectual property (IP) is routinely computerised. Both types of data are valuable to hackers and industrial spies.
The enterprise is under great pressure to keep it well safeguarded. Enterprises have always collected and stored the names and other personal/financial details of their customers. 21st-century advances in technology have encouraged more and more of this data to be shared and stored digitally. As a result, entire business strategies have developed that rely entirely on the day-to-day analysis of customer data to reveal personal preferences and shopping habits. Company confidential IP data is no less strategic to the business. A data breach can have a serious and lasting financial impact on companies today.
2. The threat from within
Some of the biggest data breaches have occurred when insiders misuse their account privileges. The Edward Snowden and Anthem scandals are two of the most notorious examples. Intentional or accidental privilege misuse by employees keeps on happening, indicating a clear need for tighter controls over user activity. In Netwrix's 2017 IT Risks study of over 700 respondents, 59 percent of enterprise IT pros cited employees as the biggest security risk. This is supported by the Verizon 2017 Data Breach Investigations Report, which found 25 percent of all breaches in the previous 12 months involved internal actors.
Clearly, enterprises need a stronger handle on how they monitor and analyse user activity. For this reason, enterprise interest in user behaviour analytics (UBA) and machine learning tools for mitigating damage from internal data tampering will grow in 2018.
3. Supply chain risk
Enterprises have partnerships with a wide range of third-party suppliers and contractors. Often these relationships include much smaller businesses. Lower down the chain, IT security resources are more likely to be stretched, leaving more chances for things to go wrong. The Target, Home Depot and CVS Photo breaches are examples of what can happen when they do. Organisations need tools that help them track and analyse third-party activities so they receive early warning of possible risk exposure and can take pre-emptive action to mitigate it.
4. Mobile, cloud and the disappearing perimeter
The rise of personally owned mobile devices and cloud-based applications in the enterprise has added new risks that are beyond the scope of traditional on-premises security measures. According to the McAfee study Building Trust in a Cloudy Sky, more than half of the professionals surveyed report tracking malware incidents to a SaaS application. Enterprise visibility of company data in the cloud, on mobile devices and across shadow applications has become as important for maintaining water-tight security as it is for traditional network data.
5. Tightening compliance environment
Many large enterprises still struggle to meet their compliance obligations. The same IT Risks report quoted above found 59 percent of enterprises complying with regulatory standards either had problems during IT audits or could not pass them on the first try. It's a situation set to become even more challenging as new regulations such as PSD2 and open banking in finance and the General Data Protection Regulation (GDPR) for safeguarding the data of EU citizens come into force during 2018. The most common reasons for enterprise difficulties meeting regulatory standards are either incomplete evidence or failure to deliver the evidence within a reasonable time frame. This suggests issues with internal IT auditing processes that could be resolved with better all-round data visibility.
In summary, securing and monitoring a complex and distributed IT infrastructure is essential for enterprise growth and regulatory compliance. But it can be a challenge. It requires cooperation by employees at all levels as well as continuous improvements to meet emerging threats. Though there is no silver bullet, improved insight into what is happening across all systems can significantly improve detection of emerging risks. Enhanced data vigilance can help enterprises identify threat patterns early and take pre-emptive action to mitigate risks as they occur, as well as make it easier to meet regulatory obligations.
Contributed by Matt Middleton-Leal, GM, EMEA, Netwrix.
*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.