UPDATED 12:10 EDT / MARCH 20 2013

Bouncing Back After a Security Breach

Knowing your sensitive data is in the hands of an unknown source can be a terrifying experience for anyone. IT security professionals do their best to defend and protect their organizations’ intellectual property from a myriad of threats, including hackers, insiders, and even simple misconfigurations that can leave sensitive or regulated data inadvertently exposed. Today, the dangers come from both inside and outside the organization, so the need for proper security is more important than ever.

Ideally, we would like to prevent breaches from happening – they are costly, time-consuming to clean up, embarrassing and detrimental to our reputations. Unfortunately, with increasingly complicated network infrastructures, a breach is, frankly, inevitable, be it in-house or in the cloud. One external factor, cyber attacks, has become more prevalent. A Ponemon Institute survey found a 42 percent year-over-year increase in cyber attacks on the companies surveyed. We expect these numbers to continue to rise unless businesses get a better hold on their digital data.

The implications are absolutely staggering – just look at what has been going on in South Carolina over the past four months. The state is still in the process of securing computers and notifying victims, with an estimated price tag of at least $20 million… and counting. The mere logistics of notifying both in-state and out-of-state residents have been incredible, alongside the natural PR backlash and swift response. While South Carolinians are looking to make this a one-time issue, they along with others are asking themselves the same question – what could have been done better? So how can you put a plan in place to address a breach when it happens, and quickly move from reactive panic to proactive progress?

Accept Responsibility and Find the Cause


Perhaps one of the more humbling steps to bouncing back after a cloud security breach is notifying all related parties that are directly or tangentially connected to the data. To compound things, you may not be the only one at fault. For instance, new HIPAA regulations unveiled last month hold business partners, associates, and affiliated handlers of medical data accountable to the same repercussions (and fines) as the ones holding the data. As a result, tensions could be high and those in hot water will certainly be looking for a scapegoat. Whether it’s you or not, playing the blame game does not produce positive results. Instead, accept the mistake and reassure your customer base about the security changes that you will be making. If fines are levied, you’ll need these partners to help keep your company afloat. More importantly, identify the issue and put the proper measures in place to safeguard your data moving forward.

Finding the cause seems an obvious step, but the answer is typically much more nuanced. It is time to think like a detective and retrace the steps of how your data was breached. If the implications of your breach are significant, you might want to hire a forensics professional to help. If the attacker was malicious, which passwords did they access? Who did they pretend to be? What information was taken? And the most important question that must be answered before moving forward is: “How was it done?” Once you are able to determine the cause, you can begin to prevent future attacks.

Cyber security can be a complex area for IT teams to undertake, especially with the advent of the cloud, where company data lives in an area that is not typically controlled in-house. Breaches happen. And in many cases, they are difficult to pinpoint. Understanding the issues after the fact and working proactively to seal up those mouse holes, so the same mistakes are not repeated, is vitally important for company success.

About the Author

Steve Pate is CTO and co-founder of HighCloud Security, bringing 25 years of designing, building, and delivering file system, operating system, and security technologies, with a proven history of converting market-changing ideas into enterprise-ready products. Before HighCloud Security, he built and led teams at ICL, SCO, VERITAS, HyTrust, Vormetric, and others. HighCloud’s resident author, Steve has published two well-respected books on UNIX kernel internals and UNIX file systems, as well as hundreds of articles and blogs.

 
