Effective breach disclosure

David Masson
Wednesday March 29, 2017
Written by David Masson
The new amendments of the Digital Privacy Act (DPA) will require businesses to disclose cyber-attacks to the Office of the Privacy Commissioner, or face the prospect of hefty fines. Organizations need to take decisive action to secure their networks and gain full network visibility before the legislation comes into effect.

Understand your network: If a breach does occur, a business should be able to provide the relevant information to the Privacy Commissioner as quickly and as thoroughly as possible. Today’s networks include physical, virtualized, Cloud, IoT and industrial control systems and even the most seasoned security professionals find it difficult to account for every device on their network. This proliferation of inroads into the network opens up new opportunities for cyber criminals to strike — and they will take advantage of the weakest link. Advanced, self-learning technologies can gain an understanding of the entire network, leaving no device or connection behind.

Gain full visibility: New forms of attack are inconspicuous, moving laterally in networks to find “the crown jewels,” before sounding off any alarms. Subtle changes in the “normal” pattern-of-life in a network are incredibly difficult to detect and yet they are the harbingers of the most sophisticated and lethal cyber attacks. AI algorithms that mimic the human immune system can build an understanding of what is “normal” for a network and detect even the most subtle anomalies.

Adopt an inside-out approach: Sophisticated cyber-attacks routinely bypass legacy security tools, and insider threats are a constant risk. The only sensible way to approach cyber security is to accept that the threat is already inside. By adopting an inside-out approach, security teams can identify and eliminate threats at their source before they can escalate into a crisis.


David Masson is Canada country manager for Darktrace (www.darktrace.com)

Add comment


Security code
Refresh

Subscription Centre

 
New Subscription
 
Already a Subscriber
 
Customer Service
 
View Digital Magazine Renew

Latest Events

(ISC)2 Security Congress
September 25-27, 2017
Focus On Drones
October 4, 2017
Anixter Showcase
October 12, 2017
Security Canada Central
October 18-19, 2017
CPTED Basic (Level 1)
October 23-25, 2017