RSA Coverage: Bad Intentions Will Cost You

By | February 28, 2013

Posted in: Network Security Trends

All breaches are not created equal. Those with malicious intent cost organizations on average nearly twice ($840,000) as much as those with non-malicious designs ($470,000), according to a new study commissioned by Solera Networks and undertaken by the Ponemon Institute.

The report, “The Post Breach Boom,” surveyed security practitioners in the U.S., Canada, UK, Australia, Brazil, Japan, Singapore and United Arab Emirates. All participants in the study represent organizations that had one or more data security breaches in the past 24 months. The results were unveiled on Tuesday at the annual RSA conference.

While the cost of malevolent attacks will take a larger bite out of the company wallet, the fact that only 40% of survey respondents say they have the tools, personnel and funding to pinpoint the root causes should surprise very few.

“[The] study confirms that organizations are facing a growing flood of increasingly malicious data breaches, and they don't have the tools, staff or resources to discover and resolve them," said Dr. Larry Ponemon, chairman and founder, Ponemon Institute.

This theme of resource depravation and under preparedness was echoed at several of this week’s RSA Conference sessions.

According to Mark Weatherford, Deputy Under Secretary for Cybersecurity at the Department of Homeland Security, who spoke on the federal government’s cybersecurity “brain drain,” finding enough personnel to handle these types of incidents is still a work in progress as government officials strive to build an information exchange to locate quality potential hires.

“Sometimes we literally write down names on the back of a napkin,” he said.

Having the tools is one thing, but utilizing them in preparation for the inevitable breach should be the new global security mantra.

At her talk on the new cyber threat landscape, veteran prosecutor Kim Peretti, who spent years prosecuting some of the world’s most sophisticated cyber crime rings as a senior litigator for the Department of Justice's Computer Crime and Intellectual Property Section, said current breach investigations are often not thorough enough.

“Criminals have changed and continue to try and maintain deep and prolonged access,” she maintained.

Their aim is to return and do additional harm, something that could – and does – cost organizations far more than dollars.

Motivations and lack of resources aside, nearly a third of all malicious breaches were not even caught by the victim organization, according to the study. Instead, the impacted group is often notified by a third party, like law enforcement or a customer, or even discovered by accident.

Peretti maintains that information sharing is key to properly investigating and mitigating these cyber threats. She points to the recent Distributed Denial of Service (DDoS) attacks as evidence that a new effort towards collaboration can help lessen the impact of malicious breaches.

“The DDOS attacks are a great example of how important information sharing is,” she said.

Knowing the source of such malicious attacks and being in a position to have that information beforehand is paramount to streamlining breach investigations. This sort of collaboration could eventually lead to shorter response times, another area where enterprises were lacking.

"Months are passing as [organization’s] key information assets are left exposed,” said Poneomon. “The results demonstrate a clear need for greater and faster visibility--as well as a need to know the root cause of the breaches themselves--in order to close this persistent window of exposure."

According to the study, it took affected companies on average 80 days to discover a breach and another 40 additional days to remedy the breach – a gap that needn’t exist.

“Incident response is now outdated,” said Peretti. “Within hours, it is now crisis management.”

And as is evidenced by the  study’s findings, organizations need to react accordingly.

You May Also Be Interested In: