By Patrick Martin, cybersecurity analyst.
A recent Tripwire article highlighted the US as being the leading victim in breach occurrence with the UK coming in second.
In the article, they discuss pre-incident mitigation techniques including information and data security including physical security. They highlight that business insurance needs to cover not only the usual risks but also expenses related to incident response, data recovery, investigation and legal fees. 75% of retail organisations apparently do not even have a response plan, which everyone should have of course.
Interestingly, and important to note, is that there is no recommendation that they actively monitor for content outside the firewall and proactively monitor for their own data breaches. If you ever watch the Secret Service when they escort POTUS, they are rarely looking at him. They are always looking out into the crowd where the threat is most likely to come from. If you have ever lost something personal you know there are only two scenarios that will inform you of the loss. Either you will notice it has gone missing, or it turns up somewhere else and someone tells you. Whether it’s your glasses, your wallet or your data if you drop your attention or lose focus then you may well lose something and not even notice. Especially if it is valuable to someone else.
Every day the media is reporting another data breach, yet companies seem not to be reacting to this or giving it the attention required. This is not sector or industry specific; data breaches are happening and will continue to happen whilst data remains valuable.
Monitoring outside of the firewall needs to be acknowledged within all companies as important as protecting inside the network. Monitoring the Dark Web for your own data means you will be in control if a breach ever happens; you will be the first to know and can manage it effectively. Just the same way a smoke detector warns you there is going to be a fire, before there is a fire.