Obama’s Cybersecurity Proposal: One Small Step for Preventing a Data Breach

0
126

Recently, the Obama administration sent a cybersecurity plan to the Senate for debate. The proposal outlined the universal regulations that all organizations should be required to adhere to in the case of a data breach. The recommendations included:

  • The implementation of one system for all organizations to follow to share information about data breaches. In order to do this, the administration proposes that penalties are removed for organizations that report ongoing data breaches to the Department of Homeland Security.
  • An allowance for organizations to build data centers wherever they’d like, removing the current requirement in certain states that data centers must be built within their state of operation.
  • One governing cybersecurity law for all states to follow.

All of the recommendations outlined in Obama’s proposal are a step in the right direction, but most organizations want to prevent a breach or attack from happening in the first place. In addition, should a breach occur, it’s critical that immediate action is taken in order to reduce overall impact. Oftentimes when an organization turns to the government to take action against an attack, it’s already too late and data has been compromised on a large scale. An unfortunate recent example is Sony, when a data breach into one network turned into the second largest breach of all-time.

 

In an effort to assist organizations in developing a top-level offensive strategy, we’ve created a list of tips that all online businesses should implement as a guideline for fighting cybercrime and protecting their networks:

 

  1. Know your average website traffic and usage habits. Behavioral analysis tools will allow you to build a profile of your site’s normal traffic patterns. They’ll also create a behavior pattern of the users accessing online services
  2. Look for any deviations from the normal behaviors. Having a way to detect abnormalities will allow you to quickly see if a Botnet attack has occurred.
  3. Isolate the transactions of users who raise your suspicion. This will allow you to block the user at the network’s perimeter and give you time to analyze traffic or unusual transactions.
  4. Analyze the attack tool. This will enable you to identify weaknesses.
  5. Create an offensive. Create a method that will exploit the attack’s weaknesses to deactivate the tool wherever located, thus cleaning the ‘bad traffic’ end-to-end beyond the perimeter borders.
  6. Measure the effectiveness of the attack offensive. Assess the tools used to stop the botnet or intruder, and adjust if necessary.

 

Utilizing this strategy empowers organizations to take the proper steps in the case of an attack to ensure minimal damage.

 

What do you think of Obama’s cybersecurity plan? Is your organization taking the right steps to prevent a data breach or attack?

 

Next article4 Reasons to Shop Certified – ADC Selection Made Easy
Carl is an IT security expert and responsible for Radware’s global security practice. With over a decade of experience, he began his career working at the Pentagon evaluating computer security events affecting daily Air Force operations. Carl also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense. Carl writes about network security strategy, trends, and implementation.

LEAVE A REPLY

Please enter your comment!
Please enter your name here