Express Computer
Home  »  Interviews  »  Security systems by themselves are not the solution

Security systems by themselves are not the solution

0 52

Paul Black, APAC Regional Managing Principal, Investigative Response, Verizon speaks on latest threats, how to develop effective approaches to counter cyber risks with Jasmine Desai.

Which was the most common security weakness discovered at organizations where a data breach occurred?

Black: We continue to see the same types of attacks that are happening just like last year. Most of the time, the evidence is there in the log files, which are not checked at all by the organization. After a breach the first thing we do is to check the log files. This definitely will be the most common security weakness across organizations.

There has not been marked cases of attacks in virtualized environment. Virtual environment is quite similar to the real environment. In many cases, virtualized environment is more secured than the physical environment.

How can data security be a company wide effort or rather what is stopping organizations from making it a company wide effort?

Black: A company can spend big on technology, but there needs to be underlying processes aligning with it. The right skill-set also needs to accompany it to monitor and manage it, otherwise there is limited value to it. Systems are great, but there is not proper monitoring happening which is a big issue as of now. It is not necessary that complex systems is opening up a space for more threats. Security systems by themselves are not the solution, it needs people and processes to go with it. They have to work together.

What type of data is being stolen increasingly. Is it changing over time?

Black: There is continuation from last year of financial data being stolen a lot. For example, credit card data. Organized crime is very high and it is being conducted more from East European countries.

There is lot of hacktivism happening. It will be targeted more towards large organizations in future like financial institutions and government agencies. In US, there are laws that if an organization is breached and data has been compromised upon, then the organization has 24 hours to notify its customers. These laws are yet to develop maturely, which will help organizations to know what steps are they to take after a breach.

What measures would you recommend for small organizations?

Black: Small organizations can take simple measures like changing passwords regularly. Also, they should be encouraged to use complex passwords. Lot of organizations keep data that they do not necessarily need to keep because of regulations etc. For issues that crop up due to BYOD, there are dual persona systems, there are also sand-boxing options. There should be regular security patching i.e. keeping systems updated and patched. Organizations need to have proper password policies and proper security controls for devices that employees bring in. Also, it is necessary to understand where organization’s data resides.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image