Network data breaches can ruin an executive’s day. Fortunately it is possible to make networks more secure and improve incident response capabilities.
Modern networks can’t just relax with a firewall and completed checklists. It is critical to have a living network security program. Detecting and responding to attackers (who are probably already in the network) is the best process. Consider the wisdom offered by the Australian government and SANS. They have created some common sense suggestions for network security.
A major US retailer flew us in to ask for our opinion regarding the security of their point-of-sale network. We told them that customer data was seriously exposed and that the backbone of their corporate network was a short hop from improperly configured wireless devices. Fixing these problems is a hair-on-fire priority.
The customer paid their bill and we focused on other investigations… until national news reported that their network had been breached. Apparently they had filed and forgotten our report. Oops!
A breach like this can destroy sales, stock value and executive careers.
No, we didn’t call and say “We told you so”