How to Detect Data Breaches Before It's Too Late

Posted by Susan Sison on May 10, 2017 8:12:00 AM

Cyber attacks are growing at an alarming rate, and unfortunately, breaches are all but inevitable. We’ve all heard about the recent attacks that embarrassed Sony, Ashley Madison and Yahoo. But the problem is more far-reaching than those high-profile cases.

One survey found that 90% of large organizations and 74% of small businesses were attacked between 2014 and 2015. And that number is likely higher, since it counts only the attacks that were discovered.

But this doesn’t mean you should throw in the towel and let cyber criminals exploit your valuable information at will. To counter the rise in cyber attacks, the cybersecurity market is also growing and becoming more sophisticated—so use it to your advantage.

Performing regular cyber threat assessments can give you an accurate picture of your security needs and help you squash cyber criminals’ nefarious plans. Your comprehensive strategy should include identifying threats, defending against them—and just as importantly, knowing how to respond quickly when there’s a breach.

Malware Lying in Wait

Surprisingly, for all of the turmoil malware can unleash, many companies don’t even realize they’ve been breached until well after the fact. Sophisticated malware can lie dormant and go undetected for months—even years. On average, it takes 146 days to detect a breach.

Often this sneaky malware infects systems without being noticed. Criminals use tactics such as encryption to hide malware and have even come up with variants that can evade being sandboxed. This advanced malware thrives on looking innocuous—until it’s too late.

Of course, malware needs to first gain entry into your system. Cyber criminals use zero-day attacks, but also take advantage of unpatched vulnerabilities and outdated systems. Disturbingly, over 99% of vulnerabilities are still being exploited more than a year after they were published.

Human error is also a major concern, with many social engineering strategies finding success. Compromised credentials are still the number one way criminals gain access. Insider threats are especially dangerous since they make it easier to circumvent security controls.

Prevention Best Policy

Once the malware is in your system, time is of the essence. Being able to detect a data breach requires an understanding of "normal" conditions and behaviors in your network environment. Performing regular cyber threat assessments can give you an accurate picture.

First off, you need to look for common warning flags. These may include:

  • Reduced operating speeds across your network.
  • Systems restarting or shutting down unexpectedly.
  • Security software not working.
  • Unusual IPs showing up in your reports.
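
As an added illustration (not part of the original post), the sketch below shows one way to apply the "know what is normal, then look for unusual IPs" advice: it learns source addresses from a baseline log and reports sources in a later log that were never seen before. The log format, the sample lines and the internal address ranges are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample records (not real traffic): date, source IP, destination host.
BASELINE_LOG = """\
2017-05-01 src=10.0.0.5 dst=fileserver
2017-05-01 src=10.0.0.7 dst=fileserver
2017-05-02 src=10.0.0.5 dst=mail
2017-05-02 src=192.168.1.20 dst=fileserver
"""
CURRENT_LOG = """\
2017-05-09 src=10.0.0.5 dst=fileserver
2017-05-09 src=203.0.113.45 dst=fileserver
2017-05-09 src=203.0.113.45 dst=mail
2017-05-09 src=10.0.0.99 dst=mail
2017-05-09 src=not-an-ip dst=mail
"""

LINE_RE = re.compile(r"^(\S+)\s+src=(\S+)\s+dst=(\S+)$")
# Assumed internal ranges; replace with the networks your organization actually uses.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

def parse(log_text):
    """Yield (date, ip_address, dst) for each well-formed line; skip the rest."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            yield m.group(1), ipaddress.ip_address(m.group(2)), m.group(3)
        except ValueError:
            continue  # source field is not a valid IP address

def unusual_sources(baseline_text, current_text):
    """Return {ip: {"hits": n, "external": bool}} for sources absent from the baseline."""
    known = {ip for _, ip, _ in parse(baseline_text)}
    hits = Counter(ip for _, ip, _ in parse(current_text) if ip not in known)
    return {
        str(ip): {"hits": n, "external": not any(ip in net for net in INTERNAL_NETS)}
        for ip, n in hits.items()
    }

if __name__ == "__main__":
    for ip, info in sorted(unusual_sources(BASELINE_LOG, CURRENT_LOG).items()):
        print(ip, info)
```

A new internal address may simply be a newly deployed machine, so each hit is a prompt for review rather than proof of a breach.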

It’s important to stay vigilant. Look for patterns and trends throughout your system. If something doesn’t look quite right—question it. Remember that employees are potentially weak links, so pay special attention to their behaviors.

Running validation tests will help you pinpoint application vulnerabilities, detect malware and botnets, and make it possible to share threat intelligence. Assessments are essential for prevention, as they will help you understand your vulnerabilities and allow you to focus your cybersecurity technology investments in the right area.

Are you ready for a cyber threat assessment? Our partner, Fortinet, offers a free online cyber threat assessment. We (Network Computer Architects) can help you assess the results and prevent threats from wreaking havoc in your environment. Contact us to learn more.