main

BotnetsDDoSSecurityWAF

Protecting Sensitive Data: A Black Swan Never Truly Sits Still

October 10, 2018 — by Mike O'Malley1

protecting-sensitive-data-never-sit-still-960x540.jpg

The black swan – a rare and unpredictable event notorious for its ability to completely change the tides of a situation.

For cybersecurity, these nightmares can take the form of disabled critical services such as municipal electrical grids and other connected infrastructure networks, data breaches, application failures, and DDoS attacks. They can range from the levels of Equifax’s 2018 Breach Penalty Fines (estimated close to $1.5 billion), to the bankruptcy of Code Spaces following their DDoS attack and breach (one of the 61% of SMBs companies that faced bankruptcy per service provider Verizon’s investigations), to a government-wide shutdown of web access in public servants’ computers in response to a string of cyberattacks.

Litigation and regulation can only do so much to reduce the impact of black swans, but it is up to companies to prepare and defend themselves from cyberattacks that can lead to rippling effects across industries.

[You might also like: What a Breach Means to Your Business]

If It’s So Rare, Why Should My Company Care?

Companies should concern themselves with black swans to understand the depth of the potential long-term financial and reputation damage and suffering. Radware’s research on C-Suite Perspectives regarding the relationship between cybersecurity and customer experience shows that these executives prioritize Customer Loss (41%), Brand Reputation (34%), and Productivity/Operational Loss (34%). Yet, a majority of these same executives have not yet integrated security practices into their company’s security infrastructure such as their application DevOps teams.

The long-term damage on a company’s finances is note-worthy enough. IT provider CGI found that for technology and financial companies alone, they can lose 5-8.5% in enterprise value from the breach. What often goes unreported, however, is the increased customer onboarding costs to combat against large-scale customer churn following breaches.

For the financial sector, global accounting firm KPMG found that consumers not only expect institutions to act quickly and take responsibility, but 48% are willing to switch banks due to lack of responsibility and preparation for future attacks, and untimely notification of the breaches. News publication The Financial Brand found that banking customers have an average churn rate of 20-40% in 12 months, while a potential onboarding cost per customer can be within the $300-$20,000 range. Network hardware manufacturer Cisco estimates as high as 20% of customers and opportunities could be lost.

Just imagine the customer churn rate for a recently-attacked company.

How does that affect me personally as a business leader within my company?

When data breaches occur, the first person that typically takes the blame is the CISO or CSO. A common misconception, however, is that everyone else will be spared any accountability. But the damage is not limited to just security leadership. Due to the wide array of impacts that result from a cyberattack, nearly all C-level executives are at risk; examples include but are not limited to Equifax’s CEO, Richard Smith, Target CEO Gregg Steinhafel and CIO Beth Jacob. This results in a sudden emptiness of C-Suite level employees. Suddenly, there’s a lack of leadership and direction, causing its own internal combination of instability.

Today’s business leaders need to understand that a data breach is no longer limited to the company’s reputation, but the level of welfare of its customers. Just the event of a data breach can shatter the trust between the two entities. CEOs are now expected to be involved with managing the black swan’s consequences; in times of these hardships, they are particularly expected to continue being the voice of the company and to provide direction and assurance to vulnerable customers.

A business leader can be ousted from the company for not having taken cybersecurity seriously enough and/or not understanding the true costs of a cyberattack – that is, if the company hasn’t filed for bankruptcy yet.

Isn’t this something that my company’s Public Relations department should be handling?

One of the biggest contributors to the aftermath chaos of a black swan is the poor/lack of communication from the public relations team. By not disclosing a data breach in a timely manner, companies incur the wrath of the consumer and suffer an even bigger loss in customer loyalty because of delays. A timely announcement is expected as soon as the company discovers the incident, or according to the GDPR, within 72 hours of the discovery.

A company and its CEO should not solely depend on their public relations department to handle a black swan nightmare. Equifax revealed its data breach six weeks after the incident and still hadn’t directly contacted those that were affected, instead of creating a website for customer inquiries. Equifax continues to suffer from customer distrust because of the lack of guidance from the company’s leadership during those critical days in 2017. At a time of confusion and mayhem, a company’s leader must remain forthcoming, reassuring and credible through the black swan’s tide-changing effects.

Following the cybersecurity black swan, a vast majority of consumers must also be convinced that all the security issues have been addressed and rectified, and the company has a plan in place for any future repeated incidents. Those that fail to do so are at risk of losing at least every 1 in 10 customers, exhibiting the potential reach of impact a black swan can have within a company alone, beyond financial aspects.

How Do You Prepare for When the Black Swan Strikes?

When it comes to the black swan, the strategic method isn’t limited to be proactive or reactive, but to be preemptive, according to news publication ComputerWeekly. The black swan is primarily feared for its unpredictability. The key advantage of being preemptive is the level of detail that goes into planning; instead of reacting in real-time during the chaos or having a universal one-size fits all type of strategy, companies should do their best to develop multiple procedures for multiple worst-case scenarios.

Companies cannot afford to be sitting ducks waiting for the black swan to strike, but must have prepared mitigation plans in place for the likelihood. The ability to mitigate through extreme cyber threats and emerging cyberattack tactics is a dual threat to the company, depending on the level of cybersecurity preparation a company possesses. By implementing a strong cybersecurity architecture (internal or third-party), companies can adapt and evolve with the constant-changing security threats landscape; thereby minimizing the opportunities for hackers to take advantage.

In addition to having a well-built security system, precautions should be taken to further strengthen it including WAF Protection, SSL Inspections, DDoS Protection, Bot Protection, and more. Risk management is flawed due to its nature of emphasis on internal risks only. What’s been missing is companies must do more to include the possibilities of industry-wide black swans, such as the Target data breach in 2013 that later extended to Home Depot and other retailers.

It’s Time To Protect Sensitive Data

In the end, the potential impact of a black swan on a company comes down to its business owners. Cybersecurity is no longer limited to a CISO or CSO’s decision, but the CEO. As the symbol and leader of a company, CEOs need to ask themselves if they know how their security model works. Is it easily penetrated? Can it defend against massive cyberattacks?  What IP and customer data am I protecting?  What would happen to the business if that data was breached?

Does it protect sensitive data?

Read “Radware’s 2018 Web Application Security Report” to learn more.

Download Now

Application SecuritySecurity

Understanding the Power of Big Data For Your Business

September 6, 2018 — by Ashley Lipman10

protect_datasaas_it-960x640.jpg

Data might just be the biggest asset your company has. It is more than just collecting numbers. The right metrics can help you make smart decisions for your business, and anticipate customer demands early on. You can use consumer data to improve your marketing strategy, create products and services that challenge the industry, and build a robust bottom line.

But not all data is created equal. What metrics should you consider in your strategy, and how should you measure this information in the first place? How can you use data to analyze your business success and future steps?

What is Big Data?

While the term might sound like a business buzzword, it’s actually much more than that. Big data started as a conversation for technologists in big companies, but it’s now a viable resource for all business sizes. According to Oracle, big data is “data that contains greater variety arriving in increasing volumes and with ever-higher velocity.”

This definition might be confusing, but it ’s much simpler than that. It is a large amount of complex information that is constant from new sources. That means big data is always recent, and it’s always relevant. It is changing, and it can be used to address new problems in a shifting world.

[You might also like: Consumer Sentiments About Cybersecurity and What It Means for Your Organizations]

Big Data in Practice

Now that you understand how big data is a large metric of constantly evolving trends, it’s time to examine its value in business today. Whether you’re running a startup or an established organization, you need to make smart choices. If you don’t have any basis for these decisions, you’re bound to make mistakes.

Big data bridges gaps in experience. If you’re looking to expand your business into a new market or you’re launching a new product, you don’t have the experience to fall back on. You need big data. To understand why, let’s talk about how it’s used in practice.

Developing Products

If you want to stay relevant in your industry today, you need to have new products that compete with the norm. Things move quickly, and if you can’t anticipate customers’ wants and needs before they become a reality, you’ll lose out to bigger competition. By using data, you can understand what was successful about products or services in the past. More importantly, you can analyze what needs have yet to be filled.

Customer Experience

According to a survey, 88% of buyers are willing to pay more for a better experience. In the next few years, customer experience is expected to overtake other things like price or even the product itself as a way to differentiate between brands. In this race for customers, you need to make sure your customers’ needs are addressed in a timely, efficient manner. Data allows you to avoid repeating past problems and keep track of things like personalized offers and patterns.

Maintenance

Customers today have very limited patience. When things go wrong, they’re likely to run to a competitor without a second thought. It’s up to companies to create a system for maintaining their technology, quality, and services. A single failure or error will lead to damaged reputations, customer dissatisfaction, and inefficient use of time. Whether you need to look into Windows logging basics for a complex computer system or application monitoring, data is how you prevent problems before they start.

Innovation

Only the most innovative companies will succeed today. How do you innovate? By analyzing what’s been done in the past and building on this knowledge. Using big data is a smart way to gain insight into areas that need improving, and you can learn from the mistakes of other organizations to avoid repeating them yourself. Innovation depends on stats, technology, and your ability to keep moving forward.

The Future of Big Data

As more startups join the race, big data is being called upon more than ever before. There are so many ways to utilize data of the past to create smart decisions for the future. Technology is changing at a rapid pace. This gives us more insight into data and consumer decisions. How will you use this to help your business?

Another challenge regarding the development of big data in the future is how it will be secured. Any businesses that work with customer or employee data need to create systems for securing it from unwanted parties. While data is an asset, it is also a risk.

[You might also like: Cybersecurity & Customer Experience: Embrace Technology and Change to Earn A Customer’s Loyalty]

Losing customer data can be harmful to the reputation of the business which is something frequently seen in the news today. Things like firewalls, virus protection, and other protective measures will be essential as we enter this new age of cybersecurity. How will your company protect its own data moving forward? What systems are in place to protect yourself from outside threats?

It’s not enough to collect data. You need to know how to analyze it in a way that you can actually act on. You also need to protect it as though your business depends upon it. Take your data further and find new discoveries that will take your organization into a new era of customer satisfaction.

Read the “2018 C-Suite Perspectives: Trends in the Cyberattack Landscape, Security Threats and Business Impacts” to learn more.

Download Now

Security

Detecting Malware/APT Through Automatic Log Analysis

May 23, 2018 — by Fabio Palozza0

big-data-malware-960x679.jpg

Legacy perimeter security mechanisms can be evaded very easily. It’s disappointing, but it’s true. Innovatively-designed malware and APTs have the potential to evade even the strongest signature-based security solutions that are currently being deployed across industries. This has encouraged IT companies to think beyond prevention and to design effective detection strategies. In recent times, companies have started analyzing traffic logs through a deployment of technology as well as professional services to detect attacks that are under way. However, even though traffic log analysis can promote the identification of malware activity, companies may not benefit from it much as the on-premises approach is incomplete, inefficient, and expensive at the same time.

Security

Cybersecurity & The Customer Experience: The Perfect Combination

May 22, 2018 — by Anna Convery-Pelletier1

finance-data-protection-960x640.jpg

Organizations have long embraced the customer experience and declared it a competitive differentiator. Many executives are quick to focus on the benefits of a loyal-centric strategy and companies now go to great lengths to communicate their organization’s customer centricity to retain existing customers and attract new ones.

But where is cybersecurity in this discussion?

Security

GDPR in Action, Even Facebook Impacted

May 15, 2018 — by Fabio Palozza0

GDPR-960x540.jpg

As Europe awaits the General Data Protection Regulation (GDPR) to come into force on May 25th, Facebook is enforcing new terms of service to its users to ensure compliance with the upcoming data privacy law. It will regulate how Facebook collects and uses user data that is critical to the success of its advertisement business. While Facebook executives are claiming that GDPR will have minimal impact on its user base and its revenues, experts opine that there are multiple other ways that GDPR can affect Facebook in a severe manner. With GDPR being an extraordinary regulation with strong potential to impact large businesses, Facebook stands exposed to a number of uncertainties that are yet to take shape.

Security

Cyber-Security Concerns to Know Before You Sign On

April 16, 2015 — by David Monahan0

David Monahan is Research Director for Enterprise Management Associates (EMA) and is a featured guest blogger.

Any of us who use the Internet with regularity enjoy the benefits of Federated Identity Management (FIM) and Single Sign-On (SSO) without much thought. Because of these technologies, we are able to move between our favorite blog site, news center, or social media site (Twitter, Facebook, LinkedIn, etc.) without having to struggle for log in information.