The Twelve Days of Security


The holiday season is upon us. And this time of year, it’s easy to get caught up in the rush of finishing work in order to make time for family and friends. Sometimes though, it’s best to take a moment to look back on the year and celebrate our successes and then prepare for cyber threats that lie ahead in 2018.

Yes, it was a rough year. There were new threats (e.g. WannaCry, Petya/NotPetya), huge data breaches and attackers more determined than ever. On the positive side, in 2017, we as a security industry grew even closer together as we shared intelligence, tools and techniques to stop the bad guys.

We’re excited about helping our clients overcome security challenges, and our professionals have come up with advice and facts about how Chief Security Officers (CSOs) can achieve cyber resilience. As we enter 2018, let’s keep the “12 Days of Security” top of mind across the enterprise.

Twelve Days of Security

On the first day of Security, my CSO gave to me …

1 reminder to “think security”

It’s not enough to address problems as they arise. Security must be designed into the fabric of the organization, from the applications to the employees themselves. By taking a proactive approach, you can save money and invest into new strategic areas.

2 threat hunters

Threat hunters use software tools, network data, automated metrics and a formal methodology to ferret out information on threat actors. Threat hunters can help you learn both the nature of the attack and the motivation(s) behind it. Was it a nation-state operation? Was it part of a complex corporate espionage program? Or was the attack strictly cyber criminals seeking financial gain? If money was the primary motivator, how will the threat actor monetize the stolen information? Threat hunters are key to a successful defense, though many organizations are challenged with building an effective threat hunting presence on staff.

3 priorities

Thinking about your goals for next year? You can’t go wrong with these priorities:

  • Turn security from the Department of No to the Department of Yes.
  • Accelerate your digital transformation securely.
  • Keep personal information personal!

4 cyber threats

Cyber threats get more sophisticated every year. Here are four on the watchlist this holiday season:

  • Phishing: emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers
  • Fancy Bear: Also known as APT28, Pawn Storm, Sofacy Group, Sednit or STRONTIUM, Fancy Bear is a cyber espionage group believed to be associated with the Russian military.
  • Identity theft: stealing someone’s private identifying information for financial gain
  • In-memory credential theft: Someone with administrative privileges on a machine can steal credentials held in memory, which lets hackers make lateral movements between servers.

5 bright ideas

Security is regularly cited as the No. 1 board priority for enterprises and governments around the world. Highly publicized attacks and incidents on the global stage have clearly demonstrated that the wrong security and cyber risk strategy can result in loss of revenue and market capital.

Here are five bright ideas for improving your security posture as you modernize and digitally transform your enterprise:

  • Achieve cyber resilience. Make sure your people, processes and technology are all prepared to thwart the next attack – anywhere throughout your enterprise.
  • Focus on patch management. Make sure your change control and patch management programs are fit for the important purpose they serve.
  • Cloudy with a chance of security. With so many new applications and data running on the cloud, now is the time to centralize cloud governance and security to gain greater visibility into potential risks.
  • Enable security visibility without boundaries. The rise of big data has given our industry new opportunities to use analytics, visualizations and artificial intelligence in the security process.
  • Secure the Internet of Things. The new year will bring even more connections between your traditional security perimeter and a widening array of IoT devices and sensors. Organizations must focus on building in security to protect underlying data and systems.

6 GDPR facts

The biggest regulatory change affecting security organizations worldwide is the new General Data Protection Regulation (GDPR), which includes sweeping customer privacy rules that affect organizations providing goods or services to European Union citizens:

  • New rules are set to go into effect on May 25, 2018
  • Failure to comply could generate hefty fines, up to 4 percent of gross revenues
  • Organizations must scrutinize how they’re using customer data and the lawful reason for keeping it
  • Organizations must respond to customers’ requests to access their personal data and to have it erased or moved
  • Data breaches must be reported to authorities within 72 hours
  • GDPR readiness requires an end-to-end approach to security, data management and change management, which means many organizations will need outside assistance.

7 continents secured

Cyber attacks are becoming truly global in nature. In May 2017, WannaCry hit more than 200,000 computers in 150 countries, taking hostage computers belonging to banks, hospitals, telecommunications companies and more. This ransomware attack demanded bitcoin payments to release the computers. Loss estimates from the attack range from hundreds of millions to several billion dollars. A month later, Petya/NotPetya caused serious disruption across three continents. It’s clear that today’s global companies need an enterprise-wide view of threats in real time.

8 security solutions

Key solutions for enterprise security challenges should include:

  • Security Advisory Services. Assess risks and define and implement business-aligned strategies to optimize your security readiness.
  • Intelligent Security Operations. Support the digital enterprise and monitor and respond to the evolving threat landscape.
  • Infrastructure and Endpoint Security. Meet your unique security requirements through design, installation and integration of perimeter, network, endpoint and advanced threat-protection solutions.
  • Threat and Vulnerability Management. Ensure remediation of security threats through penetration testing, vulnerability scanning, social engineering and attack simulations.
  • Security Risk Management. Identify your cyber risks, document a go-forward plan and carry out your remediation projects.
  • Identity and Access Management. Take advantage of identity solutions — from provisioning and access governance to strong authentication and Public Key Infrastructure (PKI) to protect the enterprise.
  • Data Protection and Privacy. Protect critical data and help enterprises understand the use of critical content, all while meeting constantly increasing privacy requirements.
  • Cloud Security. Secure virtual environments for cloud and Infrastructure as a Service and get full visibility into traditional and next-generation platforms.

9 sleepless statistics

As cyber threats become more frequent and sophisticated, enterprises must find the best solutions for bolstering security to prevent attacks and minimize impact. The cost of cyber crime will rise to a staggering $8 trillion globally over the next five years, according to a 2017 estimate by Juniper Research. Here are a few more statistics likely to keep CSOs up at night:

  • The average cost of a data breach is $4 million.
  • The median time to detect a breach is 46 days.
  • In 2016, nearly 1.1 billion identities were stolen.
  • That year, the average cost of a cyber crime for U.S.-based companies was $17 million.
  • On average in 2016, organizations fell victim to two successful cyber attacks each week.
  • 34 percent of cyber attacks come from malicious insiders.
  • 65 percent of large firms detected a cyber breach in the last year.
  • 25 percent of those firms experienced one breach per month.
  • More than half of organizations affected by the General Data Protection Regulation are expected to be non-compliant when the new privacy rules go into effect in 2018.

10 reasons to partner

DXC is one of the few partners that can provide end-to-end security solutions, from advisory services to manage risks and strengthen your security posture to full managed security services to ensure high levels of threat detection and response.

  • 50+ years of experience delivering managed security services
  • 4,000+ security professionals
  • 850+ managed security service delivery experts
  • 12+ global security operations centers (SOCs) on 5 continents
  • 24×7 management and monitoring
  • 8 million managed security devices
  • 47 million secured user accounts
  • Vendor-agnostic advisor and prime security integrator
  • World’s leading independent, end-to-end IT services company
  • 6,000 clients in more than 70 countries

11 pieces of ID

Cyber criminals are looking for all forms of data that they can exploit to make money. As attackers target high-value enterprises, companies must find the best ways to contend with known and unknown threats that aim to steal pieces of personal information such as:

  • Website cookies
  • Physical and digital address
  • Medical details
  • Banking details
  • Racial or ethnic origin
  • Political opinions
  • Religion
  • Private life
  • Any offences or alleged offences committed
  • Membership of a trade union
  • Biometric or genetic information

12 Global SOCs (Security Operations Centers)

SOCs are the heart of every security program. To adequately keep up with continuous and accelerated threats, enterprise security operations must have the ability to adapt and change. Enterprises need security operations to be intelligent because adversaries are coming up with new, innovative ways to attack every day. Having the ability to quickly adapt to the changing security landscape must become a defining quality of your enterprise security operations. Backed by more than 4,000 security experts and a global network of 12 security operations centers and support facilities, DXC provides 24x7x365 industry-leading services that help protect client data, applications, infrastructure and endpoints; detect and predict attacks; and proactively respond to threats.

We look forward to providing security advice and support throughout the new year and beyond. From our team to yours, here’s wishing you a season of cyber resiliency.


Chris Moyer is chief technology officer for Security at DXC Technology. He has spent more than 25 years building business and technology solutions for clients in several industries across multiple geographies. In previous roles, he has led solutioning, transformation projects and delivery assurance. He is also a member of the Institute of Electrical and Electronics Engineers. Connect with him on Twitter and LinkedIn.
