In relation to recent major security attacks it’s time to think about security as an issue for everyone. Just last week, Penn States University experienced and discovered a two-year long security breach. The university disconnected its College of Engineering’s public Internet after discovering an intrusion that has been ongoing since at least September of 2012. While the University claims there was actual no sensitive data of information compromised they did notify some 18,000 individuals of the fact that their social security numbers were saved on a plain text file on one of the compromised machines. As a result of the breach, the university has spent roughly $2.85 million responding to the attacks including external experts and replacing hardware.
That is quite a pricey proposition. Security breaches are no longer a matter of how, but when. With greater instances such as this University attack and the Target and Home Depot breaches just last year, its important to start moving to prepare for such attacks.
Industry professionals need to agree to get on board with security taking precedent to other issues. The more we advance “default security” options, the more comfortable users feel and stop taking extra precautions. By making users too comfortable we are allowing malware to make its way into peoples computers at home and at work ultimately affecting everyone.
We should be continuously committing to educating and supporting industry professionals the importance of security beyond the bare minimum to prevent any accidental slips.
Just earlier this year, Geoff Webb, senior director, security strategy with NetIQ, shared, . “The more we can share information, the better we all are at responding quickly and preventing successful attacks. And that has huge value for everyone.”
At the same conference, security professionals came up with a list of 5 top security concerns including: Attacks against virtual payment systems, more old security holes surface in open source software, more old cyber security holes causing problems in 2015, Data Loss Prevention (DLP) will become a hot issue for business leaders, Malware will be harder to detect and shutdown, and that Raw security incidents will continue to rise.
With a commitment and understanding of the problem, industry professionals can commit to a higher system of education and prevention because as it stands, security breaches are no longer a matter of how, but a matter of when.