The Time It Takes to Detect an Intrusion is Critical for Companies
Last week a lot of us were abruptly alerted to the fact that our confidential information may have been compromised. Roughly 143 Million individuals’ information may have been disclosed in the Equifax data breach. The intruders may have potentially gained access to social security numbers, birth dates, addresses and other personal data.
It was announced the cyber thieves exploited a vulnerability in a web application although the company’s main consumer and commercial credit databases were not accessed. It was reported the hackers gained access to the network between mid-May 2017 and the 29th of July, the date the breach was first detected. During this time of the network intrusion they were able to compromise roughly 200,000 customers’ credit card details. Two months seems like an eternity. However, the average lag time before a breach is detected is 205 days according to research firm Gartner.
The importance of total network visibility
Network and security teams are in charge of establishing a baseline of what would be considered normal traffic across their infrastructure. This would enable them to determine who and what is accessed in each particular area of the network. It would give them the ability to compare their current “normal” traffic against that of an intrusion and detect and possibly remediate anomalies quickly.
Many enterprises have deployed various network performance and security analysis tools. These tools are critical to establishing a robust network and security monitoring solution. The tools however, can fall short in that they are only as good as the data being fed to them. This is where a network visibility system can be a critical part of a monitoring infrastructure.
We all want to be protected and have that feeling of knowing our personal information is safeguarded from cyber attackers. Companies need to re-evaluate their current network monitoring strategies and continuously look at their network infrastructure after every change.
I am not an enterprise, what should I do?
Get a credit report. Today.
Be on the lookout: Watch your mail for anything suspicious. Check your bank accounts at least weekly for signs of fraud. Listen closely when applying for a loan or a government benefit for signs that someone else might be using your social security number. Get your annual Social Security benefits statement online and look for anything unusual.
Consider putting a security freeze on all your accounts — the most serious but most proactive step you can take. But take this step with great care. If you plan to shop for a car loan or a home loan any time soon, you probably shouldn't do this, because security freezes lock credit report files so no one — not even you — can open a new credit account in your name.