An enterprise’s breach notification procedures and vulnerability management programs, and need for real-time malware detection and protection, have come under increasing scrutiny in light of the disclosures of the Equifax data breach. As a result of the failure of Equifax to address a software vulnerability in a timely manner, a series of events began which culminated in regulatory, criminal and state attorney general investigations.
At the core of several of these investigations is a goal to establish a finding of negligence, so the most severe penalties can be inflicted upon the company as both punishment for alleged poor security and also as a dissuasive tactic directed at other businesses with less than robust protections of customer Personally Identifiable Information (PII), privacy information and financial information. Fortunately, the conclusion of negligence is not a forgone one. A number of tests exist, which require evidence, expert opinion and legal discussion.
Also Read: Where Fire Department Data Breach Fire
One of the tests used is to ask the question: Is it reasonable the information which was lost or stolen could do harm to an individual and if so how much harm? Clearly, the loss of credit card or banking information may be leveraged for immediate financial gain by cybercriminals – however, credit cards and bank account numbers are relatively easy to replace. Information such as credit history, medical or taxation information becomes far more problematic as names, dates of birth and addresses are much harder to change – if not impossible.
A finding of negligence is a result of failing any of the four of the tests: ignoring the explicit items you defined as your businesses responsibility, dismissing the likelihood of a security incident on an Internet connected machine, failing to implement a security best-practice in an egregious manner and identifying the potential of tangible harm to the victim, customer or business. A finding of this nature will not end well for your business or your customers.
As harsh as the analysis may be, a basic understanding of the responsibilities of executive oversite is not a frivolous exercise – engagement by the C-suite can make the difference between catastrophic loss or business as usual. When vulnerabilities are actively being exploited and million and billion dollar companies are falling victim, C-suite direction for rapid response is the best risk mitigation tactic. Anything less than rapidly responding to a Zero-day threat makes it easy for the bad guys to impact your company’s operations.
Complexitities in operations, large of the end nodes, diversity in hosted (data centers, Cloud, VMs, etc), global presence, handoff between teams, ownership conflicts are the inherit factor of any business operation and, hence, this situation warrants that human error are reduced by adaptation of the Orchestration and Automation supported by well defined Security Operation playbooks.
Simply put, the only reason you may feel the cybercriminals are winning, is because you have not called in experts to help you defend your business systems. Well known leadership coach Jesse Lyn Stone asserts, “Asking for help when you need it is a sign of strength, not weakness.” If you’re serious about protecting the customer information your business has and your team is struggling, it is time to bring in reinforcements.
Contact Us Today
Finding Hidden Patterns and Correlations Innovative technologies such as artificial intelligence (AI), machine learning (ML) and natural language processing (NLP) are transforming the way we approach data analytics. AI, ML and NLP are categorized under the umbrella term of “cognitive analytics,” which is an approach that leverages human-like computer intelligence to identify hidden patterns and correlations in data.Explore
The Rise in Big Data Analytics According to Internet World Stats, global internet usage increased by 1,339.6% between 2000-2021. With nearly thirteen times as many people using the internet, this has resulted in a massive increase in the amount of data being processed daily. Our increased sharing and consumption of digital media also compounds this increased usage to create an enormous pool of data for big data analytics firms to process.Explore
What Is an SQL Query Engine? SQL query engine architecture was designed to allow users to query a variety of data sources within a single query. While early SQL-based query engines such as Apache Hive allowed analysts to cut through the clutter of analytical data, they found running SQL analytics on multi-petabyte data warehouses to be a time-intensive process that was difficult to visualize and hard to scale.Explore
The Cloud is the Key to Transformation Success… Transitioning your applications to the cloud is undeniably a critical factor to a successful digital transformation endeavor. It’s more than just a lift-and-shift, however. Let’s explore several things that you need to consider before migrating your applications to the cloud, including: Readiness of your application portfolio Where to begin – the right business case and migration strategy Technology requirements and considerationsExplore
Application Modernization at Speed and Scale Enterprises are pursuing greater application scalability, cost efficiency, and standardization with containerization and virtualization platforms. So, what’s the difference? Containers are a type of virtualization technology that allows users to run multiple operating systems inside a single instance of an OS. They are lightweight and portable, making them ideal for running applications across different platforms.Explore