Hi all – It’s me, Meredith and I’m back for my second installment on the Top 3 Takeaways from our Rapid7 webcasts. In last week’s webcast with partner FireEye, we discussed “The New Frontier: Why Traditional, Signature Based Defenses Don’t Work”. Our panel of experts included Joshua Goldfarb, Chief Security Strategist of the Enterprise Forensics Group at FireEye and Nicholas J Percoco, VP of Strategic Services at Rapid7.
Here are my Top 3 Takeaways on how to move beyond traditional, signature based defenses:
- The cost of doing nothing costs more than you think – I’m sure we are all well aware of the physical costs associated with a data breach (cleanup, recovery, and remediation) but what about the long-term impact on your business? More often than not, where your company will feel the greatest impact is through the loss of intellectual property, the overall brand impact, and, in some cases, the Wall Street impact. It is important that your detection and remediation happen as quickly as possible to avoid these long-term aftershocks.
- Don’t underestimate the attacker – Josh encourages us not to bucket these attackers as amateurs or people that are goofing around. This is their full-time job and they are extremely good at it. Attackers these days are professional, organized, well-funded, and motivated. As Nick points out, there is a lot of work that goes into their hacks; hackers spend a great deal of time researching their victim’s business and the company’s industry in order to blend in and look like a legitimate user. You must take hackers seriously and your monitoring should be continuous and persistent, because you know they will be.
- Focus on the weakest link: compromised credentials – We’ve said it before and we will say it again, people continue to be the weakest link. In the past three years, stolen credentials has gone from the third most commonly used attack vector to THE most commonly used attack vector*. Traditional, signature based defenses are not going to be able to detect these individual, lateral attacks. Companies need to start investing in solutions that are going to detect, investigate, and discover user-based attacks and risks.
*Verizon DBIR 2014
To learn more about how you can protect your company beyond the traditional methods, watch this webcast on demand!
If you want to learn more about UserInsight please click here!