CIO & LEADER-Issue-01-April 2018 (1)

03.05.2018 Views

Insight

And You Thought Security Is Secular (Across Industries)?

The nature and motive of data breaches could vary significantly across industries. Any strategy formulated without the understanding of those peculiarities in an industry will never be very effective.

By CIO&Leader

32 CIO&LEADER | April 2018

The conversation around enterprise security and threat management has always been horizontal. While there is a broader recognition today that the business impact of an incident could vary significantly across industries, there has been little effort to understand how the fundamental metrics of threat vary across businesses. That means a largely uniform, horizontal approach towards security.

The recently released Verizon Data Breach Investigations Report (DBIR) 2018 — the 11th edition of the study — reveals why that could be awfully inadequate.

Whether it is in terms of the origin (external vs internal) of breaches/incidents, the type of data breached or the nature of the attacks, the nine industries covered by DBIR 2018 show significant differences. Some of those metrics are key to understanding the nature of threats and hence important from the point of view of a solutions approach.

For example, as many as 99% of the breaches that occur in the accommodation (hospitality) industry involve external factors, while in healthcare, as many as 56% are internal. In fact, in hospitality, Point of Sales (PoS) accounts for 90% of all breaches.

“Often restaurants are smaller organizations without the luxury of trained security staff, but they are forced to rely almost exclusively on payment cards for their existence,” explains the report. These attacks are overwhelmingly motivated by financial gain and perpetrated by organized crime.

[Figure: Origin of breaches, by industry. Series: External, Internal, Others. Vertical axis: 0% to 100%. Industries: Accommodation, Education, Financial, Healthcare, Information, Manufacturing, Prof Services, Public Administration, Retail.]

The differences are not just in the origin. The motives too are significantly different across industries. Though financial motives are increasingly becoming predominant, in some areas, like manufacturing and public administration, espionage is an almost equally strong motive. In healthcare, curiosity is a major factor.

[Figure: Motive behind breaches, by industry. Series: Financial, Espionage, Convenience, Fun, Ideology, Others. Vertical axis: 0% to 100%. Industries: Accommodation, Education, Financial, Healthcare, Information, Manufacturing, Prof Services, Public Administration, Retail.]

The kind of data that is targeted also varies across industries. In Accommodation, 93% of compromised data is payment data; in education, 72% of data is personal. Credentials account for a huge 41% in the Information sector.

A good counter-threat strategy requires that the breaches are understood clearly. Each industry has a different mix of motives, origins and the kind of data that is targeted. Since the security budget and resources are limited, they need to be channelized properly to optimize the effectiveness of the security strategy.

Depending on the nature of the threat, companies will not just be able to identify their investment priorities; this understanding may also help an entire industry segment come together to minimize certain threats. In areas like healthcare and public administration, a collaborative approach may be more effective than a siloed approach.

