Recently, the Obama administration sent a cybersecurity plan to the Senate for debate. The proposal outlined the universal regulations that all organizations should be required to adhere to in the case of a data breach. The recommendations included:
- The implementation of one system for all organizations to follow to share information about data breaches. To make this possible, the administration proposes that penalties be removed for organizations that report ongoing data breaches to the Department of Homeland Security.
- An allowance for organizations to build data centers wherever they’d like, removing the current requirement in certain states that data centers must be built within their state of operation.
- One governing cybersecurity law for all states to follow.
All of the recommendations outlined in Obama’s proposal are a step in the right direction, but most organizations want to prevent a breach or attack from happening in the first place. In addition, should a breach occur, it’s critical that immediate action is taken in order to reduce overall impact. Oftentimes when an organization turns to the government to take action against an attack, it’s already too late and data has been compromised on a large scale. An unfortunate recent example is Sony, where a data breach into one network turned into the second-largest breach of all time.
In an effort to assist organizations in developing a top-level offensive strategy, we’ve created a list of tips that all online businesses should implement as a guideline for fighting cybercrime and protecting their networks:
- Know your average website traffic and usage habits. Behavioral analysis tools will allow you to build a profile of your site’s normal traffic patterns. They’ll also create a behavior pattern of the users accessing online services.
- Look for any deviations from the normal behaviors. Having a way to detect abnormalities will allow you to quickly see if a botnet attack has occurred.
- Isolate the transactions of users who raise your suspicion. This will allow you to block the user at the network’s perimeter and give you time to analyze traffic or unusual transactions.
- Analyze the attack tool. This will enable you to identify weaknesses.
- Create an offensive. Create a method that will exploit the attack’s weaknesses to deactivate the tool wherever located, thus cleaning the ‘bad traffic’ end-to-end beyond the perimeter borders.
- Measure the effectiveness of the attack offensive. Assess the tools used to stop the botnet or intruder, and adjust if necessary.
Utilizing this strategy empowers organizations to take the proper steps in the case of an attack to ensure minimal damage.
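The first three tips (profile normal traffic, detect deviations, pick out users to isolate) can be sketched as follows. This is an added example, not code from the original post; the log format, client names, the modified z-score method and the 3.5 threshold are all assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

def make_log():
    """Constructed sample access log of (minute, client, path). Not real traffic."""
    log = []
    for minute in range(10):  # minutes 0-9 form the baseline
        for client, n in (("alice", 4), ("bob", 6), ("carol", 5)):
            log += [(minute, client, "/account")] * (n + minute % 2)
    # Minute 10 is the observed minute: two normal users, one spike, one unseen client.
    log += [(10, "alice", "/account")] * 5
    log += [(10, "carol", "/account")] * 5
    log += [(10, "bob", "/transfer")] * 90
    log += [(10, "new1", "/login")] * 200
    return log

def per_minute_counts(log):
    """Build the traffic profile: client -> minute -> request count."""
    counts = defaultdict(Counter)
    for minute, client, _path in log:
        counts[client][minute] += 1
    return counts

def robust_score(value, history):
    """Modified z-score using median and MAD, so past outliers do not skew the baseline."""
    med = median(history)
    mad = median([abs(x - med) for x in history])
    return 0.6745 * (value - med) / max(mad, 1.0)  # floor avoids division by zero

def flag_deviations(log, observed_minute, threshold=3.5):
    """Return {client: score} for clients whose request rate spikes above their profile."""
    counts = per_minute_counts(log)
    past = range(observed_minute)
    profiles = {c: [by_min[m] for m in past] for c, by_min in counts.items()}
    # Clients with no history are compared against the pooled profile of known clients.
    pooled = [v for hist in profiles.values() if any(hist) for v in hist]
    flagged = {}
    for client, hist in profiles.items():
        now = counts[client][observed_minute]
        score = robust_score(now, hist if any(hist) else pooled)
        if score > threshold:  # one-sided: only upward spikes are flagged
            flagged[client] = round(score, 1)
    return flagged

if __name__ == "__main__":
    # Candidates to isolate at the perimeter for further analysis.
    print(flag_deviations(make_log(), observed_minute=10))
```

The flagged clients are candidates for isolation and review, not confirmed attackers; a real deployment would profile more than request rate (paths, timing, transaction values).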
What do you think of Obama’s cybersecurity plan? Is your organization taking the right steps to prevent a data breach or attack?