“To err is human.”
This quote by British poet Alexander Pope took on new meaning for me after reading a follow-up article by Information Week on the massive security breach that the American retailer Target experienced this past November. According to the story, the Target security team reviewed and ignored urgent warnings about unknown malware spotted on their network. They simply made the wrong call. This can happen, but this erroneous call ended up costing the organization millions of dollars in lost revenue and exposing the personal and credit information of millions of its shoppers.
Despite Target’s security systems alerting two different on-call security teams, one in Bangalore and one in Minneapolis, the action taken was inaction. In a written response, a Target spokeswoman commenting on the security team’s decision said that, “based on their interpretation and evaluation of that activity, the team determined that it did not warrant immediate follow up.” Also important to note: Target, consisting of 1,600+ stores in 48 states, had invested millions of dollars during the twelve months preceding the breach to build this top-notch enterprise network security system.
What can we learn from this story?
Considering the transaction load that successful retailers and e-retail sites can receive, missing an occasional threat is, indeed, human. Hackers, however, understand this vulnerability. The more sophisticated attackers have been known to add extra traffic to a site using DDoS attacks, which makes it more likely that their more malicious activities stay hidden among the extra load on the site. But can an error, in the case of an ignored security alert, be avoided? Yes.
The integration of detection and protection tools within a single control/orchestration layer is a revolutionary approach that helps to counter the risk of human error. With this approach, the control layer does more than just report. It turns alerts into actionable items, decides (within fractions of a second) what the best protection approach is, and then immediately implements it.
As cyber attacks continue to rise with more complex, multi-vector campaigns, they can challenge any enterprise’s ability to protect its network and customer information. By automating mitigation and selecting the most effective tools and locations – aided by human effort and expertise – enterprises can offer the most complete protection for their network in the data center, at the perimeter or in the cloud. To err is human, but to automate — secure.