To be blunt, there is no way to guarantee a company will not be breached. In fact the only option is to complement any threat prevention measures with a way of rapidly detecting breach-activity before it causes any significant damage – from stealing customer information to gaining invaluable intellectual property, or just wreaking havoc across the corporate network.
And that means evolving from an emphasis on stopping the breach, to one of stopping AND spotting the breach.
The good news is that this model is beginning to gain traction. According to Gartner, 40 percent of large organisations will have formal plans to address “aggressive” cyber-security business disruption attacks by 2018. In its “Attack on Sony Pictures Is a Digital Business Game Changer” report, the firm says that while there are currently no companies adopting such a strategy, which would see CISOs and business continuity managers (BCMs) increasingly move from prevention to detecting and responding to attacks, attitudes are changing, fast.
Indeed, there is a wider effect of raised awareness as a result of these high profile breaches, with Gartner insisting these events’institutionalise more-proactive thinking about cyber-security risks’. This attitude will without doubt affect the way individuals perceive suppliers, customers and business partners alike and will ensure far more people at every level of the business are attuned to the issues of online security.
You can read the full article on Information Security Buzz here.