From Target to Home Depot and most recently the Carbanak APT – estimated to have stolen $1B from banks around the world – the fallout of a major breach is horrendous.
In these cases, the negative publicity has been even more damning because these breaches succeeded despite monitoring tools being in place: suspicious activity had been detected and alerts had been sent to raise the alarm. The fact that alerts simply got lost in the noise is no excuse.
File Integrity Monitoring (FIM) is a great tool and an essential component of the security toolkit. It provides a complete view of every single change that occurs across the IT infrastructure, but unless it is used hand in hand with rigid, zero-tolerance change control, the amount of noise generated on a daily or weekly basis, let alone a monthly one, is unmanageable.
Read our CTO Mark Kedgley's latest opinion piece online at Tech Page One.