Wednesday, July 26, 2017

The courtyard´s weak link

The report of the week

One of the most recurrent characters in The Simpsons is Nelson Muntz. This school thug has been terrorizing Sprinfield´s Primary School students for more than 30 years, interfering with the swots, with the kids parents or with another not so"exemplary" students, like the incorrigible Bart Simpson. Although there are some chapters in which we have discovered the human side of this thug, his character have not changed  at all and he continues exploiting the school courtyard most weak students.  

In the cybersecurity world we have learned the lesson and we know that there is no one, but many Nelson Muntz hovering over Internet and any internaut could become a victim of their "bullying". But, who are the weakest links in the digital courtyard? 

According to the ThlaesData Threat Report in 2017 almost 9 of 10 US retail business have experienced a security breach in their databases. Hence, 1 of each 10 says they fell very vulnerable or highly vulnerable to this kind of menaces probably because of the apparently continuous incidents which have been well publicized in this space. But the "easy target" mentality is also boosted by the digital transformation rising and its growing complexity.  

According to the report, almost all the US retail business (95%) will have sensitive data in technologically advance environments (cloud, Big Data, IoT and containers) this year. And nonetheless half of the participants believe in the use of the sensitive data in this  non secure environments. The report also exposes that the retailers are not learning from their past mistakes; more than half who suffered a breach this year previously suffered a similar incident. According to the research, this situation gets worst due to a bad budget allocation.   

This being the case, more than three quarters (77%) of the total retail business say they are upgrading their info security expenses, while they are not concentrating their investments where they should. For example, most of the respondents (88%) said that to protect their data against breaches, their networks security is "extremely effective", despite of their network security is where more mistakes can be found when they have to keep the attackers outside, and they are not able to protect the cloud stored data by themselves. In fact, the expending patrons also indicate a "past solutions" approach with budget increasings for the network (67%) and final protection (63%).      

Garret Bekker, main security analyst in 451 Research explains: "First, the good news: only 19% of US retailers have informed about breaches this year, much less than in the rest of the World. Nevertheless, the results of this fails are not so flattering globally because 43% of retailers inform about a breach the last year.  This unequivocal figures prove that any system data can be attacked and compromised. Unfortunately, organizations keep expending their budgets int the same solutions they tried in the past that do not have to be the most efficient to stop actual breaches".   

The positive part is that the research found that it was an improvement in the breach rate from last year. The incidents with retailers drooped from a 22% in 2016 to a 19%, the lowest number on any vertical survey in 2017, including the health sector (20%) financial services (24%) and federal government (34%).     

Peter Galving, strategy vice president in Thales -Security concludes: "It´s encouraging that annual breaches rates have started to drop, despite of they are still very high. With tremendous detailed compounds of customers behaviors and personal data under their custody, the retailers are a main target for hackers, so they should invest more in centralized data protection. As the retailers head out to the new technologies, the data security must be a maximum priority while they keep on their digital transformation". 

The network thugs knows perfectly who they should attack. The spoiled swots  that always have their lunch money on the school break. In the cybersecurity world, the retailers fill this role: they are more exposed to cybercriminals because of they have a juicy amount of data. The best way to face the thug? In this case its expending in security and not remaining stalled in the past.


Post a Comment