read
May 6, 2020

The Breaches Just Keep Coming (and so do the Ramifications)

Recent high-profile data breaches prove that the problem is getting worse, not better. Traditional security tools were designed to be “dumb,” therefore putting the hard work on the analysts leading to missed threats.  Clearly, this approach isn’t working, so what can companies do to protect themselves from the next data security breach?

 

The Breaches Just Keep Coming (and so do the Data Breach Consequences)

Unfortunately, data security breaches in the retail industry just keep coming. According to Business Insider, since the beginning of 2018, at least 19 retailers and consumer companies were hacked and most likely had information stolen from them. 

It’s a real problem: According to KMPG, 19% of consumers said they would completely stop shopping at a retailer after a data breach, and 33% said they would take a break from shopping there for an extended period.

Consider these high-profile examples of recent—and massive—data security breaches: 

  • In August of 2019, grocery chain Hy-Vee uncovered unauthorized transactions made at some of its fuel pumps, drive-through coffee shops, and restaurants.
  • In November 2019, Macy’s reported that its online shoppers’ payment details were compromised after hackers cracked into its “Checkout” and “My Wallet” pages. 
  • Also in November, Marriott disclosed a massive breach of data from 500 million customers in late November. Guests staying at any of the brand’s hotels likely had their data exposed. Encrypted credit card information was also exposed, and potentially, the key to decrypt it.

These data breach examples show how the problem is getting worse, not better. More, there is usually a common thread to all of these recent data breaches.

All of these companies issued their standard apology, something along the lines of “We deeply regret this incident, and we’re sorry for any inconvenience it may cause.”

Yet for those consumers who have to wait and see if their identity was stolen, such an apology may not be enough.

 

Traditional security tools aren’t designed to handle the task

As an industry, we need to attack these security issues in a much different way, especially considering that the current methods are not working. 

Everyone realizes that data breaches are not going away, yet the industry has also designed security tools to be inefficient and not up to the task of providing effective cybersecurity protection. For instance:

  • Enterprises can receive more than 5,000 intrusion alerts per day from their current tools. 
  • There is no way that even highly staffed InfoSec departments can investigate all of these alerts. For example, in the case of the Equifax breach, the company had 172 senior security resources on staff, and they still did not realize that their systems were breached for many months
  • Receiving unvetted intrusion alerts from across the entire network is not an effective way to secure critical business data, including PII, financial, and more. 
  • By design, traditional security tools are siloed and “dumb,” with no simple way to aggregate the results together or quickly gain actionable insights from them. 

 

Failure is not an option: Noncompliance is costly

The public, lawmakers, and regulators are fed up. As a consequence, data privacy regulations are growing in number, and now have very real penalties for noncompliance.

  • 23 NYCCR 500 gives financial, banking, and New York-based insurance companies three days to notify the state of a data breach.
  • The GDPR regulation has a data security breach notification requirement of 72 hours. If this is not met, an organization can be assessed fines of 4% of revenue or €20M Euros.
  • Regulated organizations are seeing a tightening of industry-specific regulations like NIST, PCI, FISMA, and harsher enforcement of HIPAA.
  • Twenty-six states have their own fines for data breaches if impacted citizens are not notified in the appropriate time frame.

 

New solutions, new results

ARIA Cybersecurity Solutions has taken a different path when developing our threat detection and response solutions. Unlike other providers, we start inside the network to generate complete enterprise-wide traffic visibility. This helps our solutions assist in two important ways: improve the performance of your existing security stack or deploy full AI-driven SOC capabilities within a single platform.  

Organizations gain five critical advantages with the ARIA Software-Defined Security (SDS) solutions: 

  • Complete Visibility: ARIA SDS provides complete visibility to every corner of your network, where other solutions are limited or completely blind
  • Enterprise-wide Analytics: To find threats quickly and accurately, the ARIA SDS solution uses the industry’s most comprehensive analytics generated from alerts, logs, threat intelligence, and our own ARIA Packet Intelligence (PI) application.
  • Smart Threat Modeling: From there, the ARIA Advanced Detection and Response (ADR) application makes this wealth of information manageable by utilizing artificial intelligence (AI) to feed it through machine learning (ML) based predefined threat models that understand how each threat behaves.
  • Surgical Threat Containment: The AI capabilities within ARIA ADR automatically contain these threats before they can spread to other devices.
  • Automated and Auditable Enforcement: Finally, ARIA SDS is also valuable for assuring regulatory compliance and enforcing connectivity policies – preventing future violations.

 

With ARIA SDS, organizations can protect themselves from harmful hidden attacks without human intervention.

 

Tags: data breach, gdpr, cybersecurity