Happy Samhain! According to Wikipedia, Samhain is a Gaelic festival marking the end of the harvest season and the beginning of winter or the "darker half" of the year. This is a time to celebrate and also prepare for the winter ahead. As cyber security professionals, you may feel this is just another day at the office, but it is also the end of Cyber Security Awareness month and a time to consider what it takes to protect not only your IT infrastructure, but your corporate brand as well.
Your Name Is Your Bond
A famous playwright wrote “a rose by any other name would smell as sweet,” but it turns out that when a brand name is added, it can be worth considerably more. The world’s most valuable brands according to Forbes lists the top 100 with brand values ranging from a low of $7.4B (KFC) to a high of $182.8B (Apple).
So, it’s no surprise that cyber criminals will play off of that brand value for their own purposes. One of the biggest challenges is the lag between when a breach occurs and when it is discovered and/or remediated. According to the Verizon’s 2018 Data Breach Investigations Report,
“The time it takes cybercriminals to compromise a system is often just a matter of minutes—or even seconds. They don’t need much time to extract valuable data—they usually have much more than they need as it typically takes organizations weeks or months to discover a breach.
68% of breaches took months or longer to discover.
In many cases, it’s not even the organization itself that spots the breach—it’s often a third party, like law enforcement or a partner. Worst of all, many breaches are spotted by customers. You don’t need us to tell you how bad that would be for your brand reputation.”
What would this do to your brand reputation and at what cost?
$Millions Are At Stake
A CSO article titled “Does a data breach really affect your firm’s reputation?” reported that,
“In the survey, conducted by OnePoll, 86.55 percent of 2,000 respondents stated that they were “not at all likely” or “not very likely” to do business with an organization that had suffered a data breach involving credit or debit card details. The numbers were slightly lower if home and email addresses and telephone numbers had been lost.”
The article goes on to say,
“It’s true to say that customer loyalty damage is done in the event of a breach, and that sales do take a nose-dive. Target’s sales fell by 46 percent year-on-year in the fourth quarter of 2013 to $520 million (or 81 cents a share), while eBay (breached mid 2014) admitted declining user activity impacted its quarterly net revenue.”
Prevention During The Dark Half And Every Half
During this Samhain and every other season to follow, protecting your organization from hackers will require you to implement a cyber security strategy based on tools that won’t miss zero-day attacks and can’t be evaded by smart cyber criminals. Solebit’s SoleGATE (now part of Mimecast) uses a static analysis which is faster, more accurate, not OS version dependent and covers 100% of your code, with complete visibility. With SoleGATE, every line of code is evaluated, making Sandbox evasion techniques ineffective. On average, Solebit analysis time is between milliseconds up to a few seconds. Network Sandboxes typically take 5-15 minutes to perform the same analysis.
Using deep inspection and analysis methods, SoleGATE is able to interpret and detect code in real time and immediately block threats from penetrating your organization. DvC™ has no assumptions on threat heuristics and behavior and assumes that there is no legitimate reason for executable code to be present in a data file, it relies solely on identifying code existence on non-executables files. Bottom line is that you will finally have safe content!
Check out this whitepaper on an evasion-proof approach against modern cyber-attacks that can keep your content safe. It will outline how to strengthen your cyber defenses dramatically by preventing attacks before they enter and harm your organization, your customers and your brand. Remediation is costly, prevention is not.