Cybersecurity is in the news and for good reason. Many of us have experienced firsthand what cybercriminals can do with our credit card numbers and our personally identifiable information being sold on the black market. In government, though, the stakes are higher. So it shouldn’t be a surprise that cybersecurity is on GAO’s High Risk List. Vulnerabilities abound in today’s technology-dependent world, and cybercriminals excel at exploiting weakness. Fortunately there are weapons organizations can deploy to fight back, and they fall into three main categories: people, tools, and data.
Anybody who has anything has something worth stealing. Today’s advanced cybersecurity threats are putting CISOs on the hot seat. And while detection and prevention remain the staples of security, effective incident response has become critical to the bottom line. When (not if) you are breached—how will you investigate, and how will you respond? This post explores 7 important questions that every Chief Information Security Officer must be able to answer about incident response.
The cybersecurity headlines have gotten bigger, bolder, and more prevalent as 2014 draws to a close. Not surprisingly, as a result of these costly cyber incidents, there has been much discussion about how to prevent—how to detect—and how to prepare for cyber attacks, including my recent article in InformationWeek’s Wall Street & Technology: "5 Tips On How To Prepare For A Data Breach."
The theft of credit card and personal identity information is big business. We’ve all seen the headlines about data breaches at Target, Home Depot, and JPMorgan Chase. At JPMorgan Chase, personal information for 83 million households and small businesses was stolen, including names, addresses, phone numbers, and emails. The theft of this personal information is not only expensive to JPMorgan Chase (and its insurers), and not only upsetting for all the people impacted—it can also lead to more cyber attacks in the future, since personal information helps cybercriminals better target individuals. To investigate a cyber attack, you need to be able to look back in time and figure out what happened: how did the attackers get in the door? Where did they go, and what did they take once they got inside?
My Fed colleagues tell me that their favorite morning news station for the D.C. beltway commute is Federal News Radio (1500 on your AM dial). So I was thrilled when I was invited to talk to Tom Temin on the “Federal Drive” morning news show about Cybersecurity and Network Forensics. With the latest Home Depot breach still fresh in the news, we talked about the growing awareness that breaches are going to happen, and the importance of putting robust incident response plans in place—in advance.
Working with our federal customers and sales team to solve complex storage challenges, it’s become clear to me that government agencies are under pressure to modernize their storage infrastructure. No more silos. No more stovepipes. Yes to collaboration. Agencies face a bevy of challenges: massive data growth, shrinking budgets, increased user expectations—as well as technology advances in sensors, analytics, mobile, and cloud—all of which stress traditional IT. To modernize storage infrastructure (and to do it effectively) involves a spectrum of different tools and techniques: e.g. converging backup & archive—consolidating data centers—taking advantage of new cloud technologies—and mixing tiers of flash, disk, object, cloud, and tape to enable collaboration, within budget, at scale.
A former FBI director is famous for saying that there are two types of companies: those that have been hacked, and those that will be. One of the rewards of working on scale-out storage for mission critical environments is that you get to work on solutions that make a difference—to national security, to financial markets, to our economy. Today we are pleased to announce Quantum’s partnership with FireEye in the area of network forensics—a critical component of any modern organization’s security operations.
Recent news reports have shined a big bright light on some very public cybersecurity breaches. And more organizations are asking: Could this happen to me? Am I doing enough to protect my business from a breach? Have I already been hacked—and I just don’t know it yet? There is a growing sense that a cyber attack is inevitable—a sense that traditional signature-based defenses are insufficient. As a result, organizations are increasingly adopting next-generation security solutions— that will help them to detect, investigate, and resolve the inevitable cyber attack.