Hacking Run Amok: Recent Major Breaches Call for Extra Diligence

High-profile breaches have recently impacted more major brands and millions of consumers, demonstrating that no one is immune. From ransomware and malware to misconfiguration and lack of updates, the root causes vary, but the end results are the same. New noteworthy victims including Under Armour, Panera Bread, Boeing, Sears, Delta, Saks Fifth Avenue and the City of Atlanta have all had sensitive data stolen on a grand scale.

While these incidents have gained prominence in the headlines, others abound. According to the Identity Theft Resource Center, as of May 1, 2018, there have been 383 breaches resulting in more than 12.9 million records being exposed. The targets are widespread as well, spanning vertical industries including financial, business, education, government, and healthcare.

This wide swath across major brands and varying industries indicates that data breaches are not isolated. Regardless of the circumstance, no one and no organization is safe from being hacked. This is by no means an exercise in victim-bashing or fear mongering. Rather, it is important to acknowledge reality so it can be addressed thoughtfully and strategically.

This era is encapsulated by one simple fact: Because of the lucrative nature of cyber crime, it is here to stay, and traditional approaches to security aren’t enough. It seems abundantly clear that organizations are outmatched against the continuous onslaught of attacks from hackers with a variety of intentions and skill sets.

The New Reality

The truth is, there are so many vectors for a cyber attack that it is logical to assume that virtually all networks have already been compromised. After all, even the most cautious employee can fall prey to common ploys such as social engineering and spear phishing, which uses publicly available information to target users, or a watering hole attack that compromises frequently accessed URLs to deliver a malicious payload.

Today’s security landscape is multifaceted and rapidly evolving. With nation-state level hacking tools available on the Dark Web, complete with customer support and the availability of Cybercrime as a Service, a prospective hacker doesn’t need to be a seasoned expert. This, in turn, creates an environment ripe to take advantage of organizations ill-prepared for the fight.

With this reality in mind, rather than solely focusing on keeping hackers out, it makes sense to monitor networks for suspicious anomalies and respond if irregularities are detected--a method known as Managed Detection and Response (MDR). And when combined with other layers of security including firewalls, endpoints, and applications, MDR can be extremely effective in preserving the sanctity of enterprise networks.

A Strategic Approach

Managed detection and response combines machine learning with human expertise to help overwhelmed organizations analyze network traffic, seek out vulnerabilities, and mitigate threats. This is especially critical due to the amount of “noise” generated by alerts from traditional security solutions. IT teams are figuratively buried in incident alerts and are almost incapacitated as a result.

A classic example of this situation is the now infamous Target hack. The company had literally invested millions in incident response tools, which proved effective in alerting to the attack. However, these notifications were lost in the avalanche of other alerts.

Typically, IT staff are occupied with supporting daily business functions. They rely on security solutions to bridge the gaps but become frustrated due to the sheer volume of security event reporting and analytics that must be absorbed and addressed. Plus, security systems are siloed solutions and don’t provide an enterprise-wide view of security posture. Managed detection and response is perfectly suited to bypass this challenge. This chart from the National Institute of Standards and Technology (NIST) breaks down cybersecurity standards and best practices, including the elements of managed detection and response:

Elements of Managed Detection and Response

Managed Detection and Response: How Can Masergy Help

Masergy’s managed security service is a highly effective, comprehensive service for mid-to-large enterprises looking to partner with a provider for an around-the-clock and cloud/on-premise solution. Masergy makes the process truly turnkey. Masergy Managed Security solutions optimize people, process, and technology to help identify compromised networks. Our Managed Detection and Response platform, Unified Enterprise Security, includes proprietary and third-party security tools that provide best-of-breed coverage across your entire infrastructure, whether on-premise or cloud.

Standard Tools (included with all deployments)

  • Network Behavioral Analytics: Identifies sophisticated unknown attack patterns using patented machine learning analytics
  • Intrusion Detection/Prevention System: Leverages real-time network packet capture and deep packet inspection to identify latest known attacks
  • Network Visibility: Records complete network history to enable alerting, investigation and threat hunting
  • Vulnerability Scanning: Enables immediate or regularly scheduled security scans and integrates the data with other detection and response alerts
  • Integrated SIEM: Conducts analytics, search and investigation on security log and event data

Additional Capabilities

  • Next-Generation Firewall: Integrates with next-generation firewalls for threat blocking and automated response
  • Endpoint Detection and Response: Denies attackers an endpoint beachhead and isolates compromised endpoints before real damage is inflicted
  • Cloud Workload Protection: Extends detection and response capabilities to Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) cloud environments and on-premise server farms and data centers
  • Security Monitoring for Office 365: Ensures Office 365 data remains secure
  • Managed CASB: Protects sensitive data for any Software as a Service (SaaS) application on any device

By using a diverse suite of detection and response tools, threat coverage improves dramatically, enabling effective and actionable alerting. When combined with our patented security analytics and team of expert analysts, Masergy provides customers with a comprehensive detection and response ecosystem complete with highly actionable data and customized incident response.

This prevents hackers from gaining a foothold and further infiltrating systems. The result: Our customers rest easier and spend more time improving business operations as opposed to focusing on demanding security issues. With cyber attacks becoming increasingly prevalent, it makes sense to have a partner in place to bear the brunt. At Masergy, we’re up to the task.

About David Venable

VP, Cybersecurity, Masergy
David Venable, Vice President of Cyber Security at Masergy Communications, has over 15 years of experience in information security, with expertise in cryptography, network and application security, vulnerability assessments, penetration testing, and compliance. David is a former intelligence collector with the National Security Agency, with extensive experience in Computer Network Exploitation, Information Operations, and Digital Network Intelligence. He also served as adjunct faculty at the National Cryptologic School.