The same cyber vulnerabilities that have been afflicting organizations for the past few years will continue to do so, but there is a range of other cyber security issues that these organizations should also be concerned with, Kroll Advisory Solutions says in a recent report.
“While last year’s vulnerabilities will continue to haunt organizations that have yet to evolve their policies and procedures, from encrypting data to regularly changing passwords, there are many challenges and solutions that have yet to be explored,” Alan Brill, senior managing director at Kroll Advisory, said in a statement. “For this reason, we’ve decided to deviate from our respected peers in the industry and take a new tack with our 2013 predictions, addressing the issues organizations aren’t talking about but should be.”
Kroll, which is part of Altegrity, highlights four areas where organizations need to be concerned and offers recommendations for addressing them.
The four “unexpected” focus areas are vampire data, forgotten forensics, hackers out to destroy an organization, and disclosure. Vampire data, such as old emails or backup tapes that go back years and possibly were supposed to be destroyed, can be lost or stolen, leading to a “data breach that just shouldn’t have happened,” the report says.
Kroll says that to guard against the theft of data that organizations may not know they still possess, they need to inventory their data and classify it to limit access while also training employees on data handling.
Regarding forensics, Kroll says some organizations don’t properly log or document activities, so that if they investigate whether a breach has occurred they may be doing so “based on reasonable assumption rather than concrete evidence of exposure.” The result is money unnecessarily spent, the report says.
Kroll says that logs should be turned on and retained long enough to be useful and that employees should be trained in “the basics of immediate breach response” without destroying evidence needed to “understand the incident.”
There are network hackers who try to steal data, but there are also hackers “out to destroy your company,” Kroll says. Kroll worked on a “handful” of incidents with companies last year that involved the destruction of their data on a wide scale. Companies of all sizes are at risk here, Kroll adds.
Kroll recommends having a backup plan for restoration, which means having more than just backup tapes. “If you are outsourcing IT (information technology) functions, make sure your third parties understand their role in getting you back up and running, and you’ll want to test their ability to do so,” Kroll says.
Companies that have been the target of cyber attacks and data breaches have been reluctant to disclose these incidents, but moving forward, more companies can be expected to speak up, Kroll says, even if the data loss isn’t personally identifiable.
Kroll says that people will know a company has been hacked if its computer networks go down, and that if the stakes are high, companies will seek help from outside parties, including the government, to cope with an attack.
To prepare for the fallout from an attack, Kroll says organizations need to “contract with outside resources” to help with post-event investigation, response, and legal requirements.
“Boards of directors are becoming more engaged on this subject, in part because it deals with corporate risk and also because the regulators are on the lookout,” Tim Ryan, managing director at Kroll Advisory, said in a statement.