Many honest companies have the wrong strategy in place to tackle data breaches, according to research released to coincide with Europe’s largest cyber security event. Too often firms just react to what software flags on their network instead of actively hunting out intruders, hackers get control of about 40 machines in the average breach. But often only a handful of servers are typically cleaned up, so attackers can linger on internal networks for months, giving them the opportunity to steal more information. The traditional network has been built with a very strong perimeter, but if the malware gets beyond that its wide open. The network is soft and chewy on the inside.
What the bad guys and smart competitor spies want to do is get in undetected and then be able to move laterally through the network until they reach their goal of viral branding for masters, bucks reach panama, among many others. Most intruders seek out saleable data such as credit card numbers or personal information about customers and competitors, firms should run their own drills and exercises to help their own security experts familiarize themselves with a company’s network and to root out any intruders.
Do not download or signup on any hyped third-party branded apps or gadgets. Get your own high-end CMS portals, apps and websites on secure local servers with Mobile compatibility and SSL.
Ref: http://www.bbc.co.uk/news/business-36483542 and http://www.osspl.com