Tom Kellermann, Carbon Black’s chief cybersecurity officer, believes tools that provide visibility can help companies better detect threats. He pointed to the ability to see, for instance, when an employee has inserted a USB device into a workstation and attempts to download information.
“Beyond technology, humans are often the weakest link in any organisation’s security posture,” Kellermann said. “Combatting rogue insiders can be thwarted by taking inventory of key data and limiting access to only trusted and authorised parties within the company.”
While the human factor can never be completely eradicated — as employees with authorised access can become disgruntled — prophylactic measures should still be implemented to reduce the risks, according to Stas Protassov, Acronis’ co-founder and president. For example, Protassov said, companies should regularly remind employees of punitive consequences should security breaches occur, which would urge users to be more alert and diligent.
Commenting on what should have been implemented to prevent the HIV data leak, Kellermann said sensitive data should have been “completely locked down and encrypted”. “While there’s no silver bullet to stopping an insider attack like this, limiting access and the attack surface can make it much harder for a nefarious insider to cause damage,” he said.
Kellermann noted that healthcare data was a highly coveted target for cybercriminals and, if stolen, could yield these hackers returns that are four times higher than financial data in black markets.
Healthcare providers also often lagged behind other industries with regards to cybersecurity, which further exacerbated the problem, he added. “The data is lucrative and the resistance path for attackers is typically not very strong. With credential and login theft, as seen in the case of the SingHealth attack, hackers of all proficiency levels could be responsible,” he said.
He underscored the need for organisations such as the Singapore Health Promotion Board to establish a clear view of activities across their enterprise environment, so attacks could be quickly remediated if they escalated.
Protassov noted that the healthcare sector needed to significantly improve the monitoring of access to patient data by doctors and other parties, adding that there were tools to monitor unauthorised replication of such data. Behavioural analytics also could be implemented to identify any behaviour that was out of the ordinary, he said.
“[And] while no external devices should be allowed [to connect to] systems containing sensitive data, all the data used for statistical or analytical purposes can and should be securely anonymised,” he noted. If this had been implemented in the case involving the HIV data registry, patients would have been unharmed even if there was a leak, he said.
He added that the health ministry’s move, following the incident, to bar external storage devices and unauthorised data copies, was generally correct.
Asked what the general public should do to protect their personal data when dealing with the public sector, Protassov urged citizens to be mindful that they owned a significant amount of sensitive data, which–if stolen–could be used to damage their livelihood. This also should heighten the need for the public sector–specifically, healthcare–to adopt better security measures.
“And learn [about] your country’s existing data protection laws and stay alert,” he said. “Nowadays, if you share your personal details with any public structure, you lose total control over it, but there are legal [recourse] you can take to keep your data from going into the wrong hands.”
RELATED COVERAGE
19-year-old makes millions from ethical hacking
The Argentine teenager has topped the charts when it comes to bug bounty hunting.
Singapore to offer bug bounty, set up Asean cybersecurity centre
Singapore government will launch a bug bounty initiative by end-2018, when local and international hackers will be invited to test systems for vulnerabilities, as well as a cybersecurity hub next year to facilitate collaboration and training efforts amongst Asean country members.
Singapore arms up on cyberdefence experts, opens cyberdefence school
Country’s defence ministry plans to hire 300 specialists trained in areas such as network monitoring and vulnerability assessment to better safeguard its systems and has opened a school to arm future recruits with cyberdefence skillsets.
Singapore defence ministry invites hackers to breach its systems
Country’s Ministry of Defence will run a “bug bounty” programme, led by HackerOne, inviting hackers worldwide to identify vulnerabilities in its internet-facing systems.
EU to fund bug bounty programs for 14 open source projects starting January 2019
Some of the approved projects include KeePass, 7-zip, VLC Media Player, Drupal, and FileZilla.
Credit: Source link
