Avoid data breaches and keep the cyber thieves at bay

Not even the NSA has managed to keep its network and data secure in 2014

If you want to find out how hard it is to avoid becoming a victim of a data breach, just ask the NSA.

Technology of Business

Thanks to whistleblower Edward Snowden, the US spying agency has had a really bad year at a time when records for data breaches were being set and broken on a regular basis.

Target, eBay, Adobe, Valve software, Sony and many, many other firms both big and small have all been hit too. Going amiss was customers' personal data including login names, passwords and credit card numbers. Some of those firms lost tens of millions of data records.

Those breaches have real consequences - both for executives and profits. Target boss Gregg Steinhafel resigned in May largely because of the fallout from the breach it suffered last year.

And eBay has revised its estimate of how much revenue it will make in 2014 because of the "immediate and dramatic effect" the breach had on sales carried out through the auction site.

And just ask lots of US tech companies about the after-effects of Snowden's leaks. There's no doubt it has cost them contracts and goodwill in Europe.

Attack pattern

"It's not that the defenders are bad at their job," explains Anthony Di Bello, a spokesman for data forensics firm Guidance Software. "It's more that they are being overwhelmed.

"A security team has to be right 100% of the time to keep the attackers out, but the attackers can try hundreds and thousands of times a day."

eBay experienced "several distractions" in the second quarter, including a data breach

Evidence suggests they do. Consider for a moment just one category of digital threat - malware. Figures released by security firms reveal they see more than 250,000 novel strains of malicious software every day.

"Don't ever assume it's never going to happen to you," says Mr Di Bello.

The staggering number of ways that cyber thieves try every day to get at the good stuff inside the databases of companies should be sufficient warning, says Rowland Johnson from security testing and compliance firm Nettitude.

Yet, he says, many remain complacent.

"Many organisations just do not believe a data breach will happen to them, so when it does happen it's a real shock."

Attackers stole millions of credit card numbers from point-of-sale devices at Target tills

Recipe for disaster

Companies should prepare for the worst, says Mr Johnson, adding that adopting such a stance radically changes how they marshal their digital defences.

In the good old days, he says, all a company had to do to keep data and employees safe was defend its border. Good anti-virus, email scanning, spam filters and firewalls were just about enough to stay safe.

Now? Not so much.

Company borders have become permeable and almost impossible to define thanks to e-commerce, which means suppliers and customers have deep links to the systems inside the heart of a corporation.

Add to this employees who use their phones, tablets and laptops at home, work and on the move and you have a recipe for disaster.

Anyone can fall victim to hackers and cyber thieves

Assuming that a breach is likely means accepting the truth about those porous networks and putting in place systems that help cope with that.

Top of the list is improvements to internal monitoring systems that keep an eye on who does what inside a company.

"The biggest challenge organisations have is that they do not keep enough information about what's going on in their network," he says.

Have a plan

Putting in place network monitoring and intrusion detection systems has a three-fold benefit.

Firstly, it should help spot the bad guys much more quickly as they make their way around a network.

Statistics show that most victims of data breaches take a long time, often months, to spot they have been compromised. And, suggests Verizon's authoritative annual Data Breach Investigations Report, companies usually hear about breaches first from customers and law enforcement agencies rather than their own security teams.

Secondly, this monitoring system should help after the breach to determine what went wrong. Nettitude does a lot of incident response work, says Mr Johnson, and it always helps to have good records.

"If they don't have the logs they need to conduct a forensic investigation it's exceedingly difficult to work out what happened when," he says.

Thirdly, that internal focus can help companies enforce the policies and practices that limit any damage done from a breach. It's far better to lose passwords or credit card details that were properly encrypted or hashed and salted than it is to lose a plain text file.
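
To make the difference concrete, here is an added example (not part of the original article, and not code from any firm quoted in it) that stores the same accounts as plain text and as salted hashes. The account names, passwords and the PBKDF2 work factor are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256


def hash_password(password, salt=None):
    """Return the record a database would store instead of the password."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt for every user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "iterations": ITERATIONS, "hash": digest.hex()}


def verify_password(password, record):
    """Recompute the hash with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(record["salt"]), record["iterations"]
    )
    return hmac.compare_digest(digest.hex(), record["hash"])


def build_tables(users):
    """Build the two versions of a user table that could be lost in a breach."""
    plaintext = dict(users)  # what a plain text file exposes
    hashed = {name: hash_password(pw) for name, pw in users.items()}
    return plaintext, hashed


# Constructed sample accounts; two users deliberately share one password.
SAMPLE_USERS = {"alice": "Summer2014!", "bob": "Summer2014!", "carol": "x9$kQ-long-phrase"}

if __name__ == "__main__":
    plain, hashed = build_tables(SAMPLE_USERS)
    print("plain text table:", plain)
    for name, rec in hashed.items():
        print(name, rec["salt"], rec["hash"][:16] + "...")
```

Because every record carries its own random salt, alice and bob get different stored hashes even though their passwords match, so the hashed table does not reveal shared passwords and each entry has to be guessed separately.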

The best way to handle a data breach starts a long time before data starts to go astray, he says.

Watching what's happening on your network can help if, and when, the bad guys come calling

Preparation should involve regular penetration tests by companies that copy the methods of the bad guys. Running mock incidents will also help people cope if and when a breach comes to pass.

"Have a plan up front," he says. "The last thing you want to do is be winging it after the event."

That technique can show up vulnerabilities in people, processes and IT systems and help companies do something about them before the real bad guys turn up.

Public exposure

"That preparation is hugely effective in dealing with an incident once it's occurred," says Paul Pratley, investigations manager for Verizon, who helps firms handle breaches.

"Companies should plan for when an incident occurs and put in place the security controls to detect and cope with it."

If the worst does happen companies should take steps to preserve data, hopefully gleaned from those internal monitors, and then start investigating what went wrong.

This investigation, he cautions, should be done on copies of live data, not the actual bits and bytes logged day by day.
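
One way to follow that advice, shown as an added example that is not from the article or from Verizon: fingerprint the preserved log, copy it, confirm the copy matches, and do all analysis on the copy. The file names and log lines are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile
from datetime import datetime, timezone


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large log files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def make_working_copy(evidence_path, case_dir):
    """Copy evidence for analysis and return a custody record with its hash."""
    original_hash = sha256_file(evidence_path)  # fingerprint before anything else
    copy_path = os.path.join(case_dir, os.path.basename(evidence_path) + ".copy")
    shutil.copy2(evidence_path, copy_path)  # copy2 also preserves timestamps
    if sha256_file(copy_path) != original_hash:
        raise RuntimeError("working copy does not match the original")
    return {
        "original": evidence_path, "working_copy": copy_path,
        "sha256": original_hash, "copied_at": datetime.now(timezone.utc).isoformat(),
    }


def original_untouched(record):
    """True if the preserved original still matches the hash taken at copy time."""
    return sha256_file(record["original"]) == record["sha256"]


def demo():
    """Run the procedure on a constructed log file in a temporary directory."""
    workdir = tempfile.mkdtemp()
    log = os.path.join(workdir, "auth.log")
    with open(log, "w") as f:  # constructed sample lines, not real data
        f.write("2014-10-20T06:01:02Z login ok user=alice src=10.0.0.5\n")
        f.write("2014-10-20T06:03:44Z login fail user=admin src=203.0.113.9\n")
    record = make_working_copy(log, workdir)
    with open(record["working_copy"], "a") as f:  # the analyst annotates the copy only
        f.write("# analyst note: second line is suspicious\n")
    return record


if __name__ == "__main__":
    print(demo())
```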

And then the hard task of communicating with customers can begin. Even then, he says, having a plan can help to reassure people that a company has not been caught napping.

As soon as possible companies should pass on information about what was lost, what they did to stop it happening and what customers need to do to stay safe.

"Public disclosure should be handled very carefully," says Mr Pratley. "Do not embellish or sugarcoat the messages."

And, he adds, there is one message that should be obvious given how many breaches there have been and what has happened in their wake.

"Everyone should understand how bad it is going to get if they do nothing."
