We are now more than a third of the way through National Cybersecurity Awareness Month. I’m curious to know what others think about the National Cybersecurity Awareness Month initiative—especially those who don’t work in or for the cybersecurity industry. The tips and advice given during this month are generally good—standard cybersecurity best practices and such—but I feel like the only people paying attention to the National Cybersecurity Awareness Month coverage are people who do cybersecurity for a living and that we are just preaching to the proverbial choir.
But I digress. Let’s look at the cybersecurity headlines for this week:
More Data Breaches
Data breaches happen all the time. They happen so frequently that—to some extent—they aren’t even really news most of the time. Only the really huge data breaches tend to make the headlines anymore. If you start to see a rise in data breaches in the headlines, however, that should be a red flag that data breaches in general may be trending up and that there are many more you just haven’t heard about.
Just in the last couple of weeks both DoorDash and Zynga have made headlines with data breaches affecting hundreds of millions of customers. DoorDash—a food delivery service—revealed that a data breach exposed personal information on nearly 5 million customers, businesses, and DoorDash drivers. A hacker collective claims to have breached Zynga—a smartphone game developer—and gained access to sensitive personal data on 200 million players of iOS and Android games like Words with Friends.
The takeaway is to remain vigilant. It is unreasonable to expect to prevent or block every attack, which is why it’s important to actively monitor for suspicious or malicious activity to identify and respond to security incidents as quickly as possible.
Post-Mortem of Imperva Breach
While we’re on the subject of data breaches, let’s take a look at the results of the investigation into the data breach at Imperva. I mentioned the Imperva breach in This Week in Cybersecurity: August 30—and Alert Logic’s Jonny Milliken, Threat Research Manager for the Active Intelligence team, praised Imperva for its quick response in addressing the breach.
The transparency Imperva demonstrated in the initial response to the breach continues. Imperva has released its post-mortem report following the investigation into how the breach occurred. According to the report, Imperva accidentally left a copy of the company’s AWS API key on an internal system that was left exposed to the internet. An attacker discovered the API key and used it to access Imperva’s cloud infrastructure.
Kudos, again, to Imperva for the quick response to the breach and the transparency in dealing with and investigating it. It illustrates the importance of understanding the shared responsibility model for cloud security, and for continuous monitoring for vulnerabilities and configuration issues so they can be addressed proactively.
Alert Fatigue and Stress in Cybersecurity
There is a lot of attention these days on the shortage of skilled cybersecurity professionals. Pretty much everyone by now has seen the data from Cybersecurity Ventures that predict 3.5 million unfilled cybersecurity roles by 2021. As ominous as those estimates are, there is another concerning issue to deal with as well—the pressure and stress on the cybersecurity professionals we have.
Jack Danahy, SVP, Security for Alert Logic, recently wrote, “In this high paying and high demand profession, it seems logical that there would be job satisfaction and a growing cadre of highly experienced individuals helping to train the next wave of analysts and advisors. Unfortunately, the demands of this job can be pretty high. The Information System Security Association ( ISSA ) and the Enterprise Strategy Group ( ESG ) have researched burnout among security players, and the numbers are high, with 47% reporting that they are only somewhat satisfied, for a variety of reasons.”
A recent report from the Ponemon Institute suggests that long hours, alert overload, and the stress of trying to anticipate and prevent attacks with limited visibility of the network infrastructure has nearly two-thirds (65%) of existing cybersecurity professionals considering a career change.
Organizations can address both problems—both the shortage of skilled cybersecurity professionals and the stress and burnout of alert fatigue for existing cybersecurity professionals—by working with a managed security services provider (MSSP). Not only can working with an MSSP provide peace of mind and help you sleep at night, it is also more cost effective than trying to do it yourself.