"It will take a massive incident for our company to wake up to itself!" How often do you hear that in the information security industry? All the time — so what generally happens when things go horribly wrong after the "incident" occurs?
Here's how the scenario plays out:
1. A big internal WTFJHM (What The **** Just Happened Meeting) takes place. (Generally 95 per cent executives with no idea and 5 per cent staff — with some idea).
2. The meeting will go along the lines of:
3. Draft a press statement along the lines of: "We take our client information very seriously, and always have!" Where possible, find a scapegoat. Nowadays, use the "APT" line of defence because that is the "save our backside" line that works consistently!
4. Call in IT to fix the problem so that the media can be told that it's all under control. Sit back and wait for the magic to happen.
5. When IT explains the greater problem and what investment is required to fix and to stay on top of it, check whether media is still running hot on the story.
6. Has the storm blown over? If not, repeat step 5. If it has, move to step 7.
7. Wipe incident from memory. (After all, Australia has no regulators to worry about and, besides, history shows that data security breaches in large companies rarely result in any noticeable long term loss of business).
8. Keep IT security spending at bare minimum and ignore IT security team reminders of the incident. What incident? Something about APT?
In my experience, the only time it plays out differently is when some form of regulator is involved (for example, PCI DSS and the Payment Card Brands). If no one holds a big stick over the company, little changes regarding its long-term corporate security practices and mindset.
As an industry, we must remain vocal and continue to push for change. No one else out there knows the extent of how bad things really are in data security these days.
If we don't speak up, who will? As usual, I welcome your thoughts.
Drazen Drazic is managing director at Securus Global.