latest updates from easySERVICE™
Defending against data breaches requires a strategy that focuses on identifying the precursors and indications of malicious actors early on. An effective Data Loss Prevention (DLP) strategy consists of five core steps:
1. Collect All Data – Collect data from across the enterprise in order to produce a complete threat picture. Many organizations collect data in a variety of forms and formats at different locations and then never bring it all together. Collection of all relevant data is essential for analyzing known threats and identifying as-yet unidentified ones.
2. Correlate – Understanding the activities of advanced threat actors requires correlating base data sets with contextual and statistical information on past observations and with threat data sources, such as known exploits for a given port. Analysis of the major data breaches of 2013 shows that data correlation was a major challenge for the victim organizations.
3. Identify Threat Activity Early – Develop techniques and analytics for identifying threat actors as early in the “Compromise process” as possible. In many cases, the scanning and probing will occur over time – which requires network defense organizations to work with more data to detect these activities.
4. Watch “High Value Target” transmission patterns – Identify High Value Targets on networks and monitor all interaction patterns with other hosts, with an eye for any change, no matter how subtle.
5. Monitor what malicious actors learn – Reconstruction of a network attack requires analysis of what systems malicious actors are interested in and what they have learned about those systems.
Source: Associated Press
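
As an added illustration of steps 3 and 4 (not part of the original article), the Python sketch below baselines a high-value target's interaction patterns from flow records and flags new peers, outbound volume jumps, and probing spread across several days. The record layout, addresses, and thresholds are assumptions chosen for the example.

```python
from collections import defaultdict

# Constructed flow records: (day, src, dst, dst_port, bytes). All addresses are sample values.
HVTS = {"10.0.5.10"}  # hypothetical high-value target (e.g. a database server)
BASELINE_FLOWS = [
    (1, "10.0.1.20", "10.0.5.10", 5432, 40_000),
    (1, "10.0.5.10", "10.0.9.5", 443, 2_000),
    (2, "10.0.1.20", "10.0.5.10", 5432, 42_000),
    (2, "10.0.5.10", "10.0.9.5", 443, 2_500),
]
NEW_FLOWS = [
    (3, "10.0.1.20", "10.0.5.10", 5432, 41_000),    # known peer, normal volume
    (3, "10.0.3.77", "10.0.5.10", 22, 300),         # first contact from a new host
    (4, "10.0.3.77", "10.0.5.10", 3389, 300),       # same host, another port a day later
    (5, "10.0.3.77", "10.0.5.10", 5432, 300),
    (5, "10.0.5.10", "203.0.113.8", 443, 900_000),  # large transfer to a new external peer
]

def build_baseline(flows, hvts):
    """Per HVT: known (direction, peer, port) tuples and peak daily outbound bytes."""
    peers, daily_out = defaultdict(set), defaultdict(lambda: defaultdict(int))
    for day, src, dst, port, nbytes in flows:
        if dst in hvts:
            peers[dst].add(("in", src, port))
        if src in hvts:
            peers[src].add(("out", dst, port))
            daily_out[src][day] += nbytes
    peak = {h: max(d.values()) for h, d in daily_out.items()}
    return peers, peak

def detect(flows, hvts, peers, peak, volume_factor=3, scan_ports=3):
    """Return sorted alerts for new interactions, outbound volume jumps and slow probing."""
    alerts, out_by_day, ports_by_src = set(), defaultdict(int), defaultdict(set)
    for day, src, dst, port, nbytes in flows:
        if dst in hvts:
            if ("in", src, port) not in peers[dst]:
                alerts.add(("new_inbound", dst, src))
            ports_by_src[(dst, src)].add(port)  # accumulated across days, not per day
        if src in hvts:
            if ("out", dst, port) not in peers[src]:
                alerts.add(("new_outbound", src, dst))
            out_by_day[(src, day)] += nbytes
    for (hvt, day), total in out_by_day.items():
        if total > volume_factor * peak.get(hvt, 0):
            alerts.add(("volume_jump", hvt, f"day{day}"))
    for (hvt, src), ports in ports_by_src.items():
        if len(ports) >= scan_ports:
            alerts.add(("slow_probe", hvt, src))
    return sorted(alerts)
```

Because the per-source port set is accumulated over the whole observation window rather than per day, probing that touches one port a day still crosses the threshold, which is why detecting it requires retaining more data.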