CPE webinar by ISACA/BrightTalk:
Using the Target breach example, the presentation began by highlighting the timeline, realization/investigation of compromised data from 40 M to 70 M personal information, public apology, testifying upon Congress and 113% drop in stock value once breach was made know. To grasp the relative cost, an data beach considering cost per record of $154 (and 1B compromises in 2015) is 138 more expensive than a nonresidential fire which cost $26,700 per incident in 2014. So, to effective combat the issue, speaker points to technical and incident process training, security awareness, right resources in both tools & team (business and IT), and a vendor pitch for packet capture and network analysis. Understandably, based on forensics cases, converging on Network (packet) analysis solving majority of cases (compared to Host and Memory cases combined). Of course, it is not a replacement technology or strategy shift, but certainly a key focus. Additionally, storage and accessibility of packets is a must and ciphering thought packet logic/volume/relevance requires good tools and smart people.
No comments:
Post a Comment