Depending on which sources you read, in the first six months of 2011 the top six network breaches alone let cyber thieves steal between 178 million and 218 million user accounts, email addresses, token seed files or other “records.” When the attackers go undetected for extended periods, they can erode an organization's competitive edge, disrupt its operations and damage its brand, and eventually the business itself suffers.
The question then becomes: why does this happen, and what can be done about it? Were these organizations incredibly unlucky, complacent, or singled out for some reason? Yes, not especially, and probably, in that order. What can organizations do to reduce their risk?
Consistent communication to all employees about the risk of social engineering and spear phishing is the first step. Unsolicited calls, emails or visits asking for personal details about IT staff are particularly suspicious; the requester's identity should be independently verified (for example, by calling back on a number you already know) before anything is disclosed. Employees should not fill out online forms reached through links in unsolicited email, no matter how legitimate they appear.
Next, assume that sooner or later an employee's PC account will be compromised, and minimize the number of accounts that hold password-reset privileges: every such account an attacker can reach is a path from that one foothold to many other accounts, so fewer of them means fewer opportunities for escalation.
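Knowing how many accounts hold that privilege is harder than it sounds, because the right to reset a password is an extended right granted on user objects and their containers, not a group membership you can read off a list. The following audit script is an added example, not code from the original article; it assumes a Windows Active Directory domain, the RSAT ActiveDirectory PowerShell module (which provides the `AD:` drive), and a reader with permission to read ACLs. The function name `Get-PasswordResetGrantees` and the default search base are my own choices.

```powershell
# Added example (not from the original article). Assumes an Active Directory
# domain and the RSAT ActiveDirectory module on the machine running it.
Import-Module ActiveDirectory

# Well-known GUID of the "Reset Password" extended right (User-Force-Change-Password).
$resetPasswordGuid = [Guid]'00299570-246d-11d0-a768-00aa006e0529'
# An all-zero ObjectType on an ExtendedRight ACE means "all extended rights",
# which includes Reset Password.
$allRightsGuid = [Guid]::Empty

$extendedRight = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight
$genericAll    = [System.DirectoryServices.ActiveDirectoryRights]::GenericAll

# List every trustee that can reset passwords on the container itself or on
# any user object beneath it. Default search base: the domain's Users container
# (an assumption; pass your own OU for a narrower or wider audit).
function Get-PasswordResetGrantees {
    param(
        [string]$SearchBase = (Get-ADDomain).UsersContainer
    )

    $targets = @(Get-ADObject -Identity $SearchBase) +
               @(Get-ADUser -Filter * -SearchBase $SearchBase -SearchScope Subtree)

    foreach ($obj in $targets) {
        $acl = Get-Acl -Path ("AD:\" + $obj.DistinguishedName)
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }

            # Explicit Reset Password right, or "all extended rights".
            $isReset = (($ace.ActiveDirectoryRights -band $extendedRight) -ne 0) -and
                       ($ace.ObjectType -eq $resetPasswordGuid -or $ace.ObjectType -eq $allRightsGuid)
            # GenericAll (full control) implies every right, including reset.
            $isFullControl = (($ace.ActiveDirectoryRights -band $genericAll) -eq $genericAll)

            if ($isReset -or $isFullControl) {
                [pscustomobject]@{
                    Object    = $obj.DistinguishedName
                    Trustee   = $ace.IdentityReference.Value
                    Right     = if ($isFullControl) { 'GenericAll' } else { 'ResetPassword' }
                    Inherited = $ace.IsInherited
                }
            }
        }
    }
}

# Usage: one row per trustee, so the report answers "who can reset passwords here?"
Get-PasswordResetGrantees | Sort-Object Trustee -Unique | Format-Table -AutoSize
```

Expect the built-in groups (Domain Admins, Account Operators, SYSTEM) to appear; the rows worth acting on are the helpdesk groups, service accounts and individual users that were granted the right years ago and never reviewed. Inherited ACEs come from the container and affect every user under it, so a single careless grant at the OU level is the usual reason the count is higher than anyone assumed.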
If your enterprise handles customer credit card information, comply fully with the PCI DSS, and require strong two-factor authentication for anyone with access to payment card databases. A second factor tied to an individual makes account sharing impractical, adds a layer that a stolen password alone cannot get past, and produces an audit log that actually identifies who logged in. It also makes it harder to escalate from one compromised account to the database.
If you are securing a corporate network, recognize that Wi-Fi, thumb drives, email attachments, smartphones and laptops have made the perimeter permeable, so strong authentication is needed at multiple layers: Windows login, servers, VPN and cloud applications. Smartcards issued from a credential management system appliance are one of the fastest, easiest ways to deploy strong authentication across all of those layers at once.