Trust has become one of the world's most important commodities. Just ask the former CEO of a major American retailer, who resigned after a particularly large cyber attack or any other major organisation that has been hacked and customer data apparently lost.
It was interesting that when eBay reported that its network had been compromised, and their message to customers asking them to change their passwords suggested the 'trust and security of eBay members is our top priority'.
The need to maintain trust in the face of a breach or hack is critical.
Organisations that suffer cyber attacks or hacks usually see not only an impact in their share price, but also in customer numbers. After all, in such an ultra competitive business landscape, a customer has many options who to do business with and the lost of trust can have a damaging effect that can take months or even years to repair.
Similarly, a government agency that is unable to protect citizen's data, is likely to be viewed with some concern by people and is less likely to be trusted with more information.
Loss of trust, though, goes far beyond the cost of lost orders and visitors; many studies have concluded that businesses that suffer a significant data breach or hack experience record drops in innovation and staff numbers as a result.
It is difficult to measure the exact costs, but the 2013 Cost of Data Breach Study from the Ponemon Institute reported the average cost per record compromised was $136. With typical compromises impacting between 2,300 to 99,000 records, that is a lot of money.
Other studies have also tried to put numbers on the cost of cyber attacks to a business, but whatever the figure it will likely be at least in the millions of dollars.
However, weighed against this loss of trust if hacked, we know that it is no longer a question of if you get attacked, but when. So given this sense of inevitability you will be compromise, what does it mean for the customers' trust and ultimately your company bottom-line?
First of all it is critical that security teams recognize and acknowledge the new security reality. Rather than burying their heads in the sand and hoping against hope that it never happens, they need to recognize it is very likely to happen and then act accordingly. By assuming you will be compromised and putting yourselves in the role of the attacker and what they see, you can start to review your security in a different light and plan accordingly.
With a deeper understanding of the methodical approach that attackers use to execute their missions, you can identify ways to strengthen defenses and be able to respond quickly to limit the damage when it does happen.
Defenders must use these very same capabilities as the attackers to better protect against attacks, including:
- Visibility: Attackers will have full visibility of your IT environment, so too must you. To more effectively protect your organization you need a baseline of information across your extended network (which includes endpoints, mobile devices and virtual environments) with visibility into all assets, operating systems, applications, services, protocols, users, network behavior as well as potential threats and vulnerabilities. Seek out technologies that not only provide visibility but also offer contextual awareness by correlating extensive amounts of data related to your specific environment to enable more informed security decisions.
- Automation: You need to work smarter, not harder. Hackers are using automated methods to simplify and expedite attacks. Using manual processes to defend against such attacks are inadequate. You need to take advantage of technologies that combine contextual awareness with automation to optimize defenses and resolve security events more quickly. Policy and rules updates, enforcement and tuning are just a few examples of processes that can be intelligently automated to deliver real-time protection in dynamic threat and IT environments.
- Intelligence: In an age when hackers are conducting extensive reconnaissance before launching attacks, security intelligence is critical to defeat attacks. Technologies that tap into the power of the cloud and big data analytics deliver the security intelligence you need, continuously tracking and storing information about unknown and suspicious files across a widespread community and applying big data analytics to identify, understand, and stop the latest threats. Not only can you apply this intelligence to retrospectively secure your environment, mitigating damage from threats that evade initial detection, but you can also update protections for more effective security.
Critical in maintaining the trust of customers is not only to make it harder for attacks to succeed, but also to have the visibility across your network so that you see when something unusual or unexpected happens and quickly. After all research shows that often cyber criminals remain undetected for months or even years once they successfully get in, so finding them quickly and seeing what they have been doing and what applications and databases they have been compromising is the secret to stopping lasting damage being done. Then you can begin the process of letting your customers know you have a problem, but that it is solved and access to sensitive data limited. That way you can rebuild trust.