In the wake of recent data breaches like the ones at Target, Michaels, and eBay it has become important like never before to look beyond the basics in cybersecurity. Two key terms that I like to emphasize is the need for a proactive approach and situational awareness.
The security community has been so accustomed to reacting to incidents. For example, we discover a malware in the wild, and then develop a signature for it which is then pushed to anti-virus software. How about we invest our efforts even more towards proactively discovering exploits before they are discovered by hackers? This will tremendously assist in staying ahead of the game. In other words, security professionals need to be trained to think like hackers. To add, cybersecurity educational curriculums need to emphasize the importance of defensive and offensive strategies.
Also, it is important to carefully evaluate and not undermine early warnings provided. For example, in the case of Target, Visa had published data security alerts in April 2013, warning merchants of rising attacks against credit card data with specific inferences to memory-scraping malware. The seriousness of the warning might not have been captured in its entirety.
Likewise, situational awareness is very important. This includes complete awareness of the security posture of the organization in terms of the entire network, operations, individuals and processes involved in real-time. It is important not to miss out on the minute details. In the security realm, no device, user or service can be undermined or deemed as unimportant; all should be evaluated carefully as possible launching pads of attacks.
Although it is not possible to completely prevent data breaches, there are a number of important steps that can be implemented to reduce the risk. Let us put it this way, the Cybersecurity realm is like a cat-and-mouse game, bad guys are always going to be there and they are very intuitive. For security professionals, it is important to stay one step ahead in the game.