Sex, lies and cybercrime: reducing the threat and cost of data breaches

Author: ​Zak Khan, director of custom cyber defence at Trend Micro Australia and New Zealand

The Ashley Madison data breach has rocked the world and dominated media headlines for weeks. The data leaks from the Ashley Madison accounts was the culmination of a month-long digital stand-off between the company behind the extra-marital affair dating site and a hacktivist group called the Impact Team.

The average data breach costs Australian organisations $2.8 million[i], as well the long term impact on shareholder value and brand image. According to Trend Micro’s 2014 security roundup report, companies suffered financial, legal, operational, and productivity losses after getting hit by massive data breaches.

The Ashley Madison attack has already proved the crippling reputational effects and additional costs associated with data breaches. Ashley Madison founder and CEO, Noel Biderman, has resigned amid the hacking scandal, and reports have surfaced that customers are already suing the company.

What the Ashley Madison hack means for Australian businesses

The Ashley Madison leak has shown that many organisations are not ready to deal with a data breach, either by preventing one in the first place or managing one after it’s occurred. This is problematic given the real-world implications of data breaches.

The severity of this attack and its effect have revealed that the risks of becoming the next victim of a cyberattack have become higher. These kinds of cyberattacks can happen to companies in any industry and of any size.

Across Australia we have already seen an eightfold increase in enquiries this year after analysts forecasted another big year for data breaches. With so many high profile attacks in the past 12 months, organisations are beginning to recognise that prevention is cheaper than a cure.

Merely dealing with threats as they surface is no longer enough; acting on risk assessment results prior to security incidents is actually more beneficial. Australian organisations need to rethink their current cybersecurity strategy so they can easily respond to and mitigate attacks.

It is critical for organisations to plan ahead so they can instantly take action. Attackers are both tenacious and persistent in stealing data and intellectual property. To effectively deal with this reality, organisations in Australia need the ability to detect unexpected and unseen attacks and indications of attacker behaviour across all nooks and crevices of their networks.

Mitigating the risks

All in all, it’s a combination of identifying what’s most important, deploying the right technologies and educating users.

In an ideal scenario, security measures against data breaches should be put in place before such incidents occur. For example, organisations should assess the type of data that they ask from users. Do they really need certain specifics beyond contact and financial information? Even non-essential nuggets of information can be seen as sensitive — especially when used as building blocks to complete a victim’s profile.

Encrypting sensitive information and restricting access to it goes a long way in mitigating possible intrusions, especially from internal hackers. Some have speculated that the Ashley Madison breach was an inside job; if that were the case, stricter access control could have made it harder to get the data.

When it comes to data breaches, it is no longer an issue of ‘if’ but ‘when.’ So even with these preventive measures in place, organisations should assume that there is an intruder in the network. With that thought, continuous monitoring of systems should be implemented to look for suspicious activity.

With all this in mind, organisations need to deploy a concrete multi-layered defence system as a proactive step against data breaches, as follows:

  • Deploy web application firewalls (WAF) to establish rules that block exploits especially when patches or fixes are still underway.
  • Deploy data loss prevention (DLP) solutions to identify, track, and secure corporate data and minimise liability.
  • Deploy a trusted breach detection system (BDS) that does not only catch a broad spectrum of Web-, email- and file-based threats, but also detects targeted attacks and advanced threats.

If you do find your organisation has suffered a data breach, there are a few initial first steps to take. Firstly, you need to confirm that a breach did occur. Customers and victims should learn of the breach from your organisation, never from the media. Organisations then need to be open and honest about the details of the breach, stating everything that is currently known about the incident – such as the time the incident occurred – and keep their customers updated as more information arises.

[i] Ponemon Institute Report: 2014 Cost of Data Breach Study: Australia

Join the CSO newsletter!

Error: Please check your email address.

Tags adulteryliesAshley MadisonCSO AustraliacybercrimethreatsexAustralian businessesdata leaksdata breaches

More about CustomersDLPTrend Micro

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Zak Khan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts