An enterprise’s breach notification procedures and vulnerability management programs, and need for real-time malware detection and protection, have come under increasing scrutiny in light of the disclosures of the Equifax data breach. As a result of the failure of Equifax to address a software vulnerability in a timely manner, a series of events began which culminated in regulatory, criminal and state attorney general investigations.
At the core of several of these investigations is a goal to establish a finding of negligence, so the most severe penalties can be inflicted upon the company as both punishment for alleged poor security and also as a dissuasive tactic directed at other businesses with less than robust protections of customer Personally Identifiable Information (PII), privacy information and financial information. Fortunately, the conclusion of negligence is not a forgone one. A number of tests exist, which require evidence, expert opinion and legal discussion.
Also Read: Where Fire Department Data Breach Fire
One of the tests used is to ask the question: Is it reasonable the information which was lost or stolen could do harm to an individual and if so how much harm? Clearly, the loss of credit card or banking information may be leveraged for immediate financial gain by cybercriminals – however, credit cards and bank account numbers are relatively easy to replace. Information such as credit history, medical or taxation information becomes far more problematic as names, dates of birth and addresses are much harder to change – if not impossible.
A finding of negligence is a result of failing any of the four of the tests: ignoring the explicit items you defined as your businesses responsibility, dismissing the likelihood of a security incident on an Internet connected machine, failing to implement a security best-practice in an egregious manner and identifying the potential of tangible harm to the victim, customer or business. A finding of this nature will not end well for your business or your customers.
As harsh as the analysis may be, a basic understanding of the responsibilities of executive oversite is not a frivolous exercise – engagement by the C-suite can make the difference between catastrophic loss or business as usual. When vulnerabilities are actively being exploited and million and billion dollar companies are falling victim, C-suite direction for rapid response is the best risk mitigation tactic. Anything less than rapidly responding to a Zero-day threat makes it easy for the bad guys to impact your company’s operations.
Complexitities in operations, large of the end nodes, diversity in hosted (data centers, Cloud, VMs, etc), global presence, handoff between teams, ownership conflicts are the inherit factor of any business operation and, hence, this situation warrants that human error are reduced by adaptation of the Orchestration and Automation supported by well defined Security Operation playbooks.
Simply put, the only reason you may feel the cybercriminals are winning, is because you have not called in experts to help you defend your business systems. Well known leadership coach Jesse Lyn Stone asserts, “Asking for help when you need it is a sign of strength, not weakness.” If you’re serious about protecting the customer information your business has and your team is struggling, it is time to bring in reinforcements.
Contact Us Today
What Is an SQL Query Engine? SQL query engine architecture was designed to allow users to query a variety of data sources within a single query. While early SQL-based query engines such as Apache Hive allowed analysts to cut through the clutter of analytical data, they found running SQL analytics on multi-petabyte data warehouses to be a time-intensive process that was difficult to visualize and hard to scale.Explore
A Winning Base for Successful Digital Transformations When it comes to developing a successful digital strategy, it is not just corporations planning to maximize the benefits of data assets and technology-focused initiatives. The Government of Western Australia recently unveiled four key priorities for digital reform in its new Digital Strategy for 2021-2025.Explore
Engage Your Workforce with a Modern Employee Intranet Solution The employee intranet has changed significantly since it was first introduced in the early 1990s. What started as HTML-based static portals have now evolved into intuitive communication tools complete with search engines, user profiles, blogs, event planners, and more. Today, many organizations are taking a second look at employee intranets to bridge gaps between teams, build company culture, centralize information, increase productivity, and improve workflow.Explore
Adopting emerging cloud technologies, consolidating resources, and improving processes is the key. “IT no longer just supports corporate operations as it traditionally has but is fully participating in business value delivery. Not only does this shift IT from a back-office role to the front of business, but it also changes the source of funding from an overhead expense that is maintained, monitored, and sometimes cut, to the thing that drives revenue,” said John-David Lovelock, research vice president at Gartner.Explore
Deliver Powerful Insights Instantaneously with Federated Queries - No Matter Where Your Data Resides The concept of federated queries isn’t new. Facebook PrestoDB popularized the idea of distributed structured query language (SQL) query engines in 2013. Over the years, AWS, Google, Microsoft, and many others in the industry have accelerated the adoption of a distributed query engine model within their products. For example, AWS developed Amazon Athena on top of the Presto code base, while Google’s BigQuery is based on Cloud SQL.Explore
What is Unstructured Data? Almost 80% of the data that enterprises and organizations collect is unstructured - data without a set record format or structure. Unstructured data includes data such as emails, web pages, PDFs, documents, customer feedback, in-app reviews, social media, video files, audio files, and images.Explore