The unprecedented number of data breaches over the last year has increased investigation of attack patterns and deep post-breach analysis to reveal the root cause. Knowing your IT environment gives you better control over your most critical systems, but awareness of what is going on outside your perimeter gives you the opportunity to proactively prepare for possible cyberattacks.
'The interest towards security breaches helps keep the IT community informed about typical data breach patterns and warn them in advance, 'said Alex Vovk, CEO and co-founder of Netwrix. 'The truth is that financial data protection is no more a private matter of companies, it is a global problem for all businesses. We need to improve awareness of existing security risks and encourage IT pros to regularly share experience to detect common patterns in order to help businesses withstand to emerging cyber threats.'
The negative experiences of other market players, especially in the financial sector, may serve as an excellent guideline for identifying existing gaps and strengthening your own security.
This case showed us that the importance of privileged account monitoring shouldn’t be underestimated. Insider misuse has always been a nightmare for security officers because it’s hard to detect and impossible to prevent. The headline-making Morgan Stanley experienced it firsthand when an employee stole customer information on 350,000 clients, including account numbers.
To prevent users from taking advantage of their privileges, it is essential to enable continuous monitoring of their activities as well as ensure that employee permissions are properly granted. This will help you ensure that they are not extracting or manipulating data that is not required for their particular business needs.
Premera Blue Cross
Financial institutions are not the only entities whose financial data is vulnerable to exposure. US Health insurer Premera Blue Cross experienced a cyberattack that compromised the financial, medical and personal data of 11 million customers and all this happened only three weeks after a routine audit that revealed several problems with their network security.
The main lesson to learn here is to take compliance regulations more seriously and consider them as a step toward stronger security, rather than a routine task that ends as soon as the door closes behind the auditors. Regular compliance validation is an opportunity to improve security and risk assessment processes as well as prove the adequacy of your internal policies.
Because any vulnerability in the IT infrastructure may be exploited by sophisticated adversaries, address security issues that are identified by the auditors immediately, regularly review your internal regulations and update them according to changing threat patterns.
Bank of Manhattan Mortgage Lending
Despite increased attention to security, practice shows that many incidents are caused by human factors. No matter how advanced your security mechanisms are, they have little value against the negligence of just one employee who unintentionally discloses customer mortgage information, including personal and financial data, which was exactly what happened to Bank of Manhattan Mortgage Lending.
Establishing strict security policy is not enough; in a fast-moving cyber risk environment, you need to know exactly who touches sensitive data and why. Visibility across the entire IT infrastructure is not a nice-to-have; it is a need-to-have data integrity factor that provides the necessary level of control to stay proactive in identifying and eliminating critical security vulnerabilities.