3. 2015: The year of focus
According to IDTheftCenter.Org, 2014 had, as of Dec 2, 708 data breaches resulting in the loss of more than 81 million records. That's a huge amount of data and the year isn't even over. So in the spirit of Christmas, my last forward looking 2015 entry isn't a prediction but a wish. While I don't believe we will ever know the details behind the 700+ breaches, it's safe to say that there were multiple steps along the way where someone could have said, "We could have been more focused here." My 2015 wish is that users, netsec professionals and executives all become more focused on their respective network security responsibilities.
- Users: Focus on the fact that you are integral to network security - even though you may not see yourself as an attack target, you can easily be an attack entry point. So here are some simple steps to lessen that risk. Count to five and think about the link you are clicking on. Look closely at it, and if you have doubts, don't click. Say yes to your software (e.g., IE, Adobe, Firefox, etc.) updates as they often times include patches to vulnerability exploits - aka attack vectors. Lastly, think about what you do on your company network this way. It's your benefits, payroll, and other personal data that are at risk, not just the company's data.
- Netsec professionals: I wish you had more time, but I'm a realist. My wish for you all is that you be more focused (than you already are) on things that appear out of the norm: strange traffic patterns or application usage in the datacenter, odd outbound behavior around the use of RDP, SSH or TeamViewer, odd data or application access requests. What we do know about many of these attacks is that the activity was hiding in plain sight using common applications - focus and vigilance may help us stop the progress of these attackers.
- Executives: 2014 showed that not only your company reputation, but also your career is on the line. In 2015 you should focus on becoming more knowledgeable about your data. Where is it stored? Where it is going on the network? Is encryption in use? What SLAs are in place if it is stored externally? With that information in hand, ask your brightest netsec minds what else can you do to protect the data.