Losing business to a competitor because one of your trusted employees has walked out the door with sensitive information doesn’t need to happen if you look for the signs and put controls in place, according to a panel of cyber security experts.
Privileged users such as system, network and domain administrators can pose a significant threat to mission-critical systems or ones holding highly sensitive data. In fact, the consequences of a disruption in service or stolen confidential information can be severe enough ruin a business. Revocation of certifications, loss of critical intellectual property, and exposure to the consequences of a data breach disclosure are all part of the consequences.
A string of high-profile data breaches in 2012, from LinkedIn to Global Payments, have kept enterprise data security in the limelight. But most organizations still tend to be reactive and focus on firefighting when it comes to data security, rather than implementing a more effective long-term strategy. Let's examine the four most common pitfalls of this short-sighted approach.
Many organizations have a computer security incident response team (CSIRT) that swoops into action to battle malware outbreaks, other types of cyberattacks and possible insider threats, and at networking giant Cisco, that CSIRT team is made up of about 60 people trying to protect a business with about 75,000 employees.
After over 10 years of active participation in the honeypot community, I was surprised not to have heard of MicroSolved's HoneyPoint Security Server before I started planning this roundup. HoneyPoint runs on Windows, Linux, and Mac OS X, and offers some useful features -- such as "defensive fuzzing" and the ability to track alert status -- that KFSensor and Honeyd don't. But HoneyPoint is neither as easy and complete as KFSensor, nor as flexible and scalable as Honeyd.