Responses from the organisations surveyed for the recently released 2013 Verizon Data Breach Investigations Report (DBIR) validate what most refuse to discuss in detail: we are attempting to secure private industry and national assets while relying on a broken cyber security model, says Jason Mical, Vice President of Cyber Security for AccessData.
According to the DBIR, 66% of the reported breaches took months to discover and 69% of those were actually discovered by a third party.
“The traditional cyber security infrastructure is riddled with blind spots and open doors for threats we can’t see, because the tools we traditionally rely on can’t see them,” said Mical.
“Detecting, analyzing and remediating data leakage your DLP misses or malware your IDS and antivirus don’t recognize, and monitoring traveling and telecommuting employees -- whether they’re logged into your network or not -- are all tremendous challenges for organizations. In fact, for most organizations, their ability to detect threats ends with their DLP and signature-based prevention and alerting tools.”
Mical, who is probably best known as the “Father of the SilentRunner technology”, the first full packet capture network forensics solution of its kind, adds that responding to advanced persistent threats and indicators of compromise while juggling a variety of tools and lacking real-time collaboration results in potentially catastrophic delays.
“Information sharing and high-level talk about people and processes has its place, but we won’t see our security posture improve until the weaknesses in the underlying infrastructure are addressed. A piecemeal, inefficient cyber security infrastructure hamstrings people and their processes, inhibits information sharing and makes comprehensive detection and timely response impossible.”
Mical will be in Singapore to attend GovernmentWare (GovWare) 2013.