“If you look at how most companies got breached, it was a function of simple hygiene,” Hindawi told the forum audience. In other words, it’s not about how good the hacker is, it’s about the fact that companies are not doing their part in keeping their data secure.
“If you look at the attacks we’ve seen, and we’ve seen thousands, many of the companies didn’t do the things they’re supposed to,” Hindawi said.
“Have you wondered why these attacks keep happening?”, one writer asks in Digital Guardian. “All we are able to do, all that’s been done, is to build a massive perimeter defense that guarantees only authorized people will gain access. The problem here is that attackers steal authorization credentials. So to these defenses, the attackers still appear authorized. Perimeter network defenses are completely blind to the fact this person is a bad actor.”
Some organizations are using specialized software tools called Data Loss Prevention, or DLP, that are supposed to protect valuable company data. DLP software looks at files being sent off the network and tries to determine if they are sensitive. If it’s determined that they are sensitive and the action is risky, then the operation will be cancelled. Unfortunately, attackers have learned to adapt to traditional DLP software, Digital Guardian said.
So what options do companies have?
Hindawi said that Microsoft sends out regular security patches, pieces of software code intended to thwart new known threats, and that too few companies implement them rigorously. In addition, there are other basic tactics too many companies are ignoring, such as implementation of multi-factor authentication protocols and anti-virus software. “Imperfect as antivirus software may be,” Hindawi said, “having it is better than not having it.”