Guest Column | June 13, 2016

Lagging Security Indicators And The Future Of Security Services

By David Nathans, director of security, SOCSoter

Security breaches in the retail sector are a common occurrence due to the large amount of credit card information available to hackers accessing unprotected systems and networks. EMV (chip and sign) technology, developed in 1996 but just now being implemented, is starting to help retailers reduce their reliance on valuable credit card data. However, how often do we walk into a store to make a purchase just to feel silly because we don’t know if the chip reader is enabled or not?

In the past few years we saw large retail breaches with incidents at Target, Neiman Marcus, and The Home Depot. However, retail breaches are not new and large national chain retail breaches have been around since 2006 with the announcement of TJX Companies losing millions of credit cards. Can you believe that was 10 years ago? Moreover, what have we learned since?

Retail breaches will continue in 2016 and beyond, as retailers are still in denial that they will ever be the focus of an attack, and about the overall risks to their business, even as PCI-DSS standards improve. Being annually compliant does not necessarily mean being always secure. Even worse is a retailer that accepts the risk with only minimal investment and no strategic vision for the infrastructure and services required to really protect its customers. Whatever breaches may still be occurring in the retail sector, they are a lagging indicator of what is actually happening overall.

With all these large breaches occurring, there has been a significant devaluation of data that has caused cybercriminals to create new revenue streams and seek new types of organizations to prey on. Since the credit card industry has had 10 years to improve their fraud detection systems, the resulting process of canceling and reissuing new cards to consumers is very quick, shortening the life of credit card data and causing the stolen information to be worth much less to criminals.

What kind of data is better and more valuable than credit cards? Your data, of course!

More specifically, your business data and your medical data. As such, lawyers and healthcare organizations are emerging as the most threatened businesses. Both of these types of organizations have a treasure trove of valuable data cybercriminals want access to and, as a result, both are in desperate need of IT infrastructure upgrades, updates, and security controls.

Lawyers are in hacker crosshairs due to the data they collect on clients and the business deals they negotiate. This could be merger and acquisition information, patent data or copyright information, and more. Additionally, law firms working merger and acquisition cases are now requiring security audits of businesses being acquired to ensure the purchasing organization is not buying a breach and that intellectual property is safe. The problem with losing this type of data is that it could devalue an entire company, lead to insider trading, or even be used for a large ransom.

Healthcare organizations have volumes of data on their patients which, in the hands of cybercriminals, can be used for insurance fraud, drug fraud, or identity theft. This threat extends not only to general doctors and surgeons but also to optometrists, dentists, chiropractors, and many other specialists. The problem with medical data is that, unlike credit cards, the data cannot be replaced, so once it’s gone, it’s gone for good.

Firewalls and simple anti-virus software are not enough anymore; deep visibility across all levels of the IT environment, continuous monitoring by expert security resources of user activities, and leveraging of valuable threat intelligence information will enable an organization to better understand what’s going on in the IT infrastructure and proactively address security risks before they become bigger problems.

Anti-virus catching a virus is good, but only about 20 percent effective (that’s being generous). More important is understanding how that virus got to the user’s computer in the first place and, further to the core, understanding the root cause and overall security posture of a client’s IT environment, then rolling that knowledge back into needed systems and services.

Unfortunately, even the most advanced security methods don’t guarantee full protection. Therefore, expert ongoing managed security services designed to actively monitor and respond to cyber threats are the best way to be vigilant and reduce the likelihood of data theft.

David Nathans is the director of security at SOCSoter, a Managed Security Service Provider catering to IT service providers helping to secure customers nationwide with affordable cybersecurity services and dedicated security engineers.

About SOCSoter, Inc.

SOCSoter is a Nevada corporation headquartered in the state of Maryland since 2015. It was built to help small and medium-sized businesses combat the growing business risks associated with network-connected systems and applications. Service offerings include dedicated cybersecurity engineers monitoring easy-to-install, internally developed proprietary hardware and custom software, provided free as part of the service offerings, negating the need for capital expenditure by SOCSoter customers. The company also provides endpoint and mobile device management services dedicated to small businesses.