I have always wondered why so many data breaches continue to occur without people knowing in advance after so many years of research.
“Do you think hackers are excessively smart or are businesses not focusing on the real issue? Why are so many breaches continuing to occur without let up after several years of headlines? Are the attackers that smart, or are businesses not putting the proper focus on the problem?”
Businesses should focus on automating threat detection as follows:
1- Monitor everything. The best way to protect everything is to monitor everything. This might be challenging, but it is worth it in the long run.
2- There should be a system that can automatically detect every form of attack (including DDoS, brute-force, malware, insider threats, etc.). Businesses need to detect it all under one application for it to be effective.
3- Businesses need a combination of intelligent data collection and analysis, threat modeling, machine learning and advanced correlation techniques.
4- Threats should be detected in real time, within minutes if not seconds, as they develop. Obviously, the faster an attack is detected, the less data loss occurs.
5- Notification of critical alerts should automatically be sent via email and text.
6- Lastly, the threat should be contained automatically from within the same application used in step 2. Acting to stop the threat is the most critical step in an automated approach to detecting and containing threats.
The above recommendations can reduce threat risk significantly. Of course, the right system is needed to make this practical. When a data breach does occur, organizations must be able to spring into action and respond to the threat immediately.
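To make steps 2 and 4 to 6 concrete for one of the attack types named above (brute-force), the following added example, which is not from the original post, runs a sliding-window detector over constructed login events and returns an alert carrying a notification and a containment action. The log format, the 60-second window, the threshold of 5 and the action names are assumptions for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication events: time, source IP, user, outcome.
SAMPLE_EVENTS = """\
2024-05-01T10:00:05Z 192.0.2.10 carol OK
2024-05-01T10:00:10Z 203.0.113.7 admin FAIL
2024-05-01T10:00:12Z 203.0.113.7 root FAIL
2024-05-01T10:00:14Z 203.0.113.7 alice FAIL
2024-05-01T10:00:16Z 198.51.100.20 bob FAIL
2024-05-01T10:00:18Z 203.0.113.7 bob FAIL
2024-05-01T10:00:20Z 203.0.113.7 admin FAIL
2024-05-01T10:00:22Z 203.0.113.7 admin FAIL
2024-05-01T10:03:00Z 198.51.100.20 bob FAIL
2024-05-01T10:06:00Z 198.51.100.20 bob FAIL
2024-05-01T10:09:00Z 198.51.100.20 bob FAIL
2024-05-01T10:12:00Z 198.51.100.20 bob FAIL
""".splitlines()

WINDOW = timedelta(seconds=60)  # assumed sliding window
THRESHOLD = 5                   # assumed failed logins per window

def detect(lines, window=WINDOW, threshold=THRESHOLD):
    """Process events in arrival order; return one alert per contained source."""
    recent = defaultdict(deque)  # ip -> (timestamp, user) of recent failures
    contained, alerts = set(), []
    for line in lines:
        ts, ip, user, outcome = line.split()
        ts = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
        if ip in contained or outcome != "FAIL":
            continue  # already blocked, or not a failed login
        q = recent[ip]
        q.append((ts, user))
        while ts - q[0][0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            contained.add(ip)  # later events from this source are ignored
            alerts.append({
                "ip": ip,
                "detected_at": ts.isoformat(),
                "seconds_to_detect": int((ts - q[0][0]).total_seconds()),
                "users": sorted({u for _, u in q}),
                # Hypothetical hooks standing in for a mail/SMS gateway and a firewall API.
                "actions": ["notify:email+sms", "contain:block_source_ip"],
            })
    return alerts

if __name__ == "__main__":
    print(detect(SAMPLE_EVENTS))
```

The source 198.51.100.20 also fails five times, but spread over twelve minutes, so it stays under the threshold; tuning the window and threshold is the trade-off between missed slow attacks and false alerts.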