The regularity with which large-scale cyberattacks are now reported is frightening, to say the least. Enterprises are in constant danger of being hacked, either directly or as a result of uninformed decisions made by employees, which underscores the need for security measures, such as a managed SIEM service, that go beyond traditional methods. The latest high-profile victim was Scottrade Inc., a discount brokerage firm. Personal information for 4.6 million clients was accessed as a result of a hack that could potentially have been detected.
Assessing the damage
Coming on the heels of the massive Experian data breach that compromised the personal information of more than 15 million customers and potential customers, Scottrade revealed on Oct. 2 that its system was breached between late 2013 and early 2014, The Wall Street Journal reported recently. The criminals obtained the names, addresses, email addresses and Social Security numbers of approximately 4.6 million clients. This raises the question of how a major financial services company could be unaware that such a large breach had occurred.
Scottrade only learned of the breach in August 2015, after being informed by federal investigators who had been tracking data theft at several financial companies. The good news is that there have been no signs of duplicitous trading platforms, and for the time being, clients’ funds appear to be safe. What’s more, the company has said that even though Social Security numbers were accessed, the hackers were primarily after contact information. A SIEM service likely could have detected the breach. At minimum, it would have alerted Scottrade that a large, suspicious data transfer was occurring.
Happy National Cybersecurity Awareness Month
Ironically, the Department of Homeland Security has designated this month as one to promote awareness of the importance of cybersecurity. And while starting the first week with headlines of multiple high-profile breaches probably was not exactly what it had in mind, people are certainly being made aware of the importance of cybersecurity.
In fact, it was also revealed Sep. 30 that Donald Trump’s hotels were hacked. According to CNN, several of the presidential candidate’s hotels were breached between May 2014 and June 2016, and anyone who used a credit card as payment is a potential victim. Account numbers, expiration dates and security codes may have been procured by the cybercriminals responsible for this particular incident.
Where do we go from here?
Organizations big and small risk facing enormous losses, whether in the form of recovery costs or lawsuits, making safeguarding sensitive company and client information a top priority. SIEM-as-a-service is one method of doing this. Think of it as the eye of Sauron, only far less bent on killing Frodo and more focused on monitoring traffic within corporate systems.
In other words, managed SIEM services help protect enterprise networks by providing alerts on any data or suspicious activity as it gets flagged. A team of security experts aided by a SIEM cloud weeds out the false positives, and the IT teams are alerted only to real security incidents that require investigation. This is a huge benefit, since traditional SIEM software can generate hundreds of alerts, making it harder for the IT team to identify breaches.
While nothing is guaranteed given the sheer quantity of existing cyberthreats, chief security officers will hopefully rest a little easier tonight, despite the bevy of breaches that have broken in the news this week. The good news is that there is a solution that can counter these new threats. SIEM software has been available for many years. However, managed SIEM is a new concept and really delivers on the promise of SIEM by solving the problems that have plagued SIEM deployments, namely high cost, long deployment cycles and hard-to-maintain systems.
Cybersecurity news and analysis brought to you by Arctic Wolf, leading provider of managed SIEM services.