Treacherous 12 Part 1: Data Breach

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> First up of our Treacherous 12, data breach.
00:00
In this lesson, we want to talk about
00:00
the risks of a data breach,
00:00
the impacts of data breach,
00:00
and also techniques to address this risk.
00:00
Data breach, which is the disclosure, access,
00:00
or having confidential information
00:00
stolen from an organization,
00:00
was number 1 on the CSA's survey of Cloud threats.
00:00
Nearly half of the participants said that
00:00
>> data breach was the main threat in
00:00
>> Cloud environments that they were concerned about.
00:00
It makes sense why.
00:00
Data breaches,
00:00
>> they are not only constantly
00:00
>> from a monetary perspective,
00:00
>> the average costs globally of a data breach
00:00
was around $3.8 million.
00:00
In the United States in particular,
00:00
the average cost is as high as eight million dollars
00:00
>> for the impact of a data breach.
00:00
>> The immediate costs that
00:00
are associated with a data breach,
00:00
one, are the forensic costs.
00:00
To have a forensics firm come in
00:00
>> and identify the source of the breach,
00:00
>> how it happened,
00:00
provide any two preserved legal pieces
00:00
of evidence that are associated with the breach,
00:00
that can cost millions of dollars.
00:00
Then if your customers sue you based on
00:00
you're violating your own terms of service
00:00
>> or failure to protect their data,
00:00
>> that can account for millions more dollars.
00:00
Then ultimately one of the difficult things
00:00
to really calculate when it comes to the data
00:00
>> or the damage caused by
00:00
>> a data breach is the reputational damage
00:00
to an organization.
00:00
Now I think it's a bit controversial.
00:00
Many large organizations have
00:00
had data breaches and it hasn't necessarily
00:00
dramatically affected their bottom line
00:00
or their profits going forward.
00:00
I think in some ways,
00:00
as data breaches become more common, unfortunately,
00:00
customers aren't necessarily sure how to bake
00:00
in the impact of a data breach on their everyday lives.
00:00
But it certainly makes technology customers
00:00
>> a little more hesitant around
00:00
>> a vendor that has a lot of data breaches.
00:00
Really, data breach is
00:00
the highest level risk I can really think of
00:00
>> when it comes to the Cloud
00:00
>> and it requires a really multi-faceted strategy
00:00
>> to prevent it.
00:00
>> We talked about this defense in-depth
00:00
principle over and over again of
00:00
>> how you'd really need multiple layers of
00:00
>> controls that are detective and preventive
00:00
>> and corrective to really mount
00:00
>> an effective defense against the threats
00:00
>> that are out there in the Cloud.
00:00
>> At the highest level, you need effective governance.
00:00
You need policies that lay out your security principles
00:00
>> and best practices that need
00:00
>> to be enforced in the Cloud.
00:00
>> One of the other important aspects of a data breach is
00:00
although we think about hackers
00:00
getting into the system
00:00
>> and exfiltrating data
00:00
>> and posting it as proof that
00:00
>> they have carried out a breach,
00:00
>> sometimes breaches occur accidentally.
00:00
They're misconfigurations or employee mistakes.
00:00
Training is really the best way to ensure that
00:00
your policies and controls are maintained
00:00
and enforced properly
00:00
>> and that data isn't accidentally disclosed
00:00
>> through mistakes that come from employees
00:00
>> not knowing the correct thing to do.
00:00
>> Another important thing is to ensure
00:00
that data is not leaked
00:00
>> or accidentally accessible by making sure that
00:00
>> you have proper configurations.
00:00
>> We've talked about data leakage
00:00
>> and issues with multi-tenancy separation
00:00
>> and in public Cloud environments.
00:00
>> That makes it even more important to ensure that
00:00
your Cloud infrastructure is configured securely.
00:00
Also, that you're able to monitor your environments
00:00
for any sign that you may have
00:00
a breach to prevent that adversary
00:00
>> from removing data or minimizing
00:00
>> the impact of that breach in terms of the scope.
00:00
You need to drill your incident response
00:00
to be able to actively
00:00
>> and quickly respond
00:00
>> to suspicious activity within your Cloud.
00:00
>> All these controls in concert really work together
00:00
>> to prevent and detect and mitigate data breaches
00:00
>> if and when they occur.
00:00
>> Although no company wants to see their name
00:00
>> in the newspaper with a line
00:00
>> that they've been breached
00:00
>> and millions of their customers have been affected.
00:00
>> I can understand why it remains
00:00
>> one of the number 1 threats in the survey.
00:00
>> Quiz question,
00:00
>> what is the global average cost of a data breach?
00:00
>> Is it 10.7 million,
00:00
3.8 million, or 900,000?
00:00
The answer was 3.8 million.
00:00
Although that's the global average,
00:00
the cost of a data breach is closer to
00:00
that $10 million figure in the United States
00:00
>> and it is also very dependent on the industry.
00:00
>> As we've talked about, some industries,
00:00
such as healthcare
00:00
>> or those that deal with government services,
00:00
>> have certain regulations that drive up
00:00
>> the costs of control failures and breaches.
00:00
>> Another important thing to consider
00:00
>> from a security professional
00:00
>> is that if the cost of a data breach is 3.8 million,
00:00
this provides you with an opportunity to justify
00:00
ensuring that your security program
00:00
in the Cloud is adequately funded.
00:00
Even if your program is a million dollars or more,
00:00
so long as you're demonstrating
00:00
that there's a cost savings by mitigating
00:00
>> the potential breach every single year,
00:00
>> you really are acting in good faith
00:00
>> and ensuring that your program is adequately funded.
00:00
>> Because you're really preventing something that has
00:00
a catastrophic financial impact
00:00
on the company and its reputation.
00:00
In summary, we talked about why data breaches
00:00
are the first one on our Treacherous 12.
00:00
Talked about the impact of data breaches,
00:00
both from a financial and reputational perspective.
00:00
Then we talked about how
00:00
all of the controls that we've talked about so far
00:00
really work together to protect against data breaches
00:00
>> and how you really need to think through
00:00
>> how your controls connect to one another
00:00
>> to ensure that you have effective defense
00:00
>> in your Cloud environment.
00:00
>> I'll see you in the next lesson.
Up Next