Drowning in Data: Making Sense of Layered Security
Despite a concerted effort by security professionals around the globe, cyberattacks and hacks continue to take place with alarming frequency. As such, cybersecurity is a hot topic. While the degree to which executives and their boards understand the threat varies, companies continue to throw millions, sometimes hundreds of millions of dollars at the problem; only to see cybercriminals continue to attack with impunity getting access to critical data.
Whether a company possesses a limited or unlimited cybersecurity budget, it appears that the old saw holds true: it’s not a question of if a company will experience a cyber attack, but when. Are companies not paying attention or is there something else wrong with their approach?
Layered security: Too much of a good thing?
Let’s take a minute to talk about the “go to” tactic that many companies spend astronomical amounts to develop, deploy and maintain – layered security. Surprisingly, cybercriminals don’t shy away from companies with a layered security program in place. In fact, most cybercriminals view layered security with ambivalence. While the additional hurdles and roadblocks embedded within layered security complicates a cybercriminal’s day, it also creates opportunities. Here’s how…
When a company adds a new layer of security, they create additional streams of data. The problem with this is that most companies struggle to handle existing streams of data generated by their cybersecurity program; never mind the newer, costly streams that they continue to add.
While the addition of a new security layer often addresses an immediate, pressing need, the more layers a company deploys, the more stress it places on its ecosystem. Even the most talented security team can handle only so much work and without an intelligent security data platform in place, cybersecurity programs often collapse under their own weight.
Converting data to actionable intelligence
Deriving benefits from a cybersecurity security program hinges on a company’s ability to monitor and interpret the data it captures. Put simply, capturing log and event data is pointless without a mechanism to organize that information and extract actionable intelligence.
Remember, cyber attacks create patterns. Miss the pattern, for whatever reason, and you will likely miss the attack. Without a centralized view such as that provided by a security data platform, companies will remain open and vulnerable – regardless of the layers that they deploy. From our perspective, failing to develop a single view of network activity is like visiting an art gallery and viewing each painting through a straw – you look silly and miss the big picture.
Take the time to determine and ask whether your security department has the appropriate infrastructure to monitor, analyze and act upon data it gathers. Asking this simple question may help prevent the next attack and avoid the need for IT security to explain why its layered security program failed – again.
Sidebar: Get it wrong and reap the whirlwind
Let’s not forget why deploying the right approach to layered security matters. DefenseStorm aggregated the following cybersecurity-related statistics in an infographic you can access here. It paints a very ugly picture:
- 42.8 million attacks committed in 2015
- 117,339 attacks per day
- Average time to resolve a cyber attack: 46 days
- Average cost per incident: $1,988,554
- 800 million personal records stolen each year:
- 10,000 records stolen per incident
- Cost per compromised record for financial companies: $259
Want more information on the Economic Costs associated with getting hacked? Download the infographic.