Last week, credit reporting bureau Equifax reported that personal data belonging to approximately 143 million U.S. consumers was compromised in a massive information breach that began in mid-May of 2017 but not discovered until July. Organizations may be surprised to know how easily this breach could have been prevented, and that there are steps that can be taken to significantly reduce their risk of falling victim to a similar data breach.
Equifax has learned that its attackers remotely exploited an existing vulnerability in Apache Struts, a web application development framework that allowed the hackers to gain unauthorized access to stored information. The critical vulnerability was revealed by Apache in March 2017, along with recommended patches to fix it, nearly four months before the breach was discovered, but Equifax mistakenly failed to apply the available patches in a timely manner. If those fixes had been applied, it’s possible this breach would have been avoided, and so much personal information would not have been compromised.
For organizations that have critical information assets, such as customer data and proprietary corporate data, the risk of a data breach now is higher than ever. Symantec, a global leader in cybersecurity protection, suggests the following steps that any company can take to monitor and protect its important information:
1. Enforce security through IT compliance controls: Companies can reduce the risk of exposing sensitive information by conducting regular assessments on technical controls like password settings, server and firewall configurations, vulnerability scans and software updates/patches.
2. Stop incursion by targeted attacks: The top four means of hacker incursion into a company’s network are through exploiting system vulnerabilities, default password violations, SQL injections and targeted malware attacks. To restrict these avenues into the organization’s information assets and minimize attacks, companies can consider implementing a combination of the following: core systems protection, IT compliance controls assessment, penetration testing and endpoint management.
3. Prevent data loss: Even if a targeted attack is successful, it’s still possible to prevent a data breach by using network software to detect and block the extraction of confidential data. In particular, data loss prevention and security event management solutions can be combined to prevent data from being transmitted outbound.
4. Identify and protect information: In today’s digitally connected world, companies must accurately identify and proactively protect their most sensitive information wherever it is stored, sent or used. By enforcing data protection policies across servers, networks and endpoints throughout the enterprise, risk of a data breach can be progressively reduced.
5. Integrate prevention and response strategies into security operations: A data breach prevention and incident response plan that is integrated into the day-to-day operations of the security team and also involves key stakeholders is essential in protecting your company.
At Schneider Downs, we assist companies in assessing their risk exposures to cyberattacks. For more information on Schneider Downs' cybersecurity offerings, check out the Cybersecurity Services page. If you find that your question has not been addressed, please do not hesitate to contact us.