Skip to main content

The data breach question: No longer “if” but “when”

If the increasingly frequent news of large-scale data breaches (i.e. Ashley Madison, Target, Sony, etc.) has proven anything, it confirms that there’s no longer a question of whether an organisation will be breached, but rather when.

Companies need to know what to do to mitigate this risk and how to quickly respond to contain the damage breaches like these cause when they do happen. While executives, board members, consumers, employees, and partners are all concerned about breaches, it’s only companies that are proactive in building internal safeguards to minimise the impact of a breach that are in a much better position to defend against their cost and damage.

It is clear that in recent times that companies have made a mental shift from relying on the prevention of breaches at the perimeter to ensuring they have damage control and resiliency when one does occur. It no longer seems to be a career-limiting move for a security professional to make a statement such as “I know we are likely to be breached, I just don’t know how.” What is career-limiting, however, is being exposed as unprepared and ill-equipped to minimise the damage associated with a breach. This new attitude is reshaping how organisations approach IT security.

The reality is that it’s next to impossible to predict and stop every attack. In today’s digital world, users need access to a myriad of critical systems, applications, and data in order to do their jobs. These assets not only exist behind the corporate firewall, but the growing trend of SaaS application adoption often means that they exist outside of the corporate network, as well. Add the fact that the way users are accessing these assets is becoming ever more diversified through the adoption of mobile computing, and you have a very complex environment. The traditional network perimeter is rapidly vanishing, so relying on a well-protected wall around the corporate network is no longer a sufficient form of security.

One of the most encouraging signs of the change in attitude is that the vast majority of organisations are recognising the need for visibility and control over who has access to what for all application types, both in the cloud and on-premise, independent of the device they are using for that access. This is precisely what identity and access management does.

Putting an effective identity management solution at the center of their security strategy allows organisations to quickly react to a breach, better understand who and what is at risk and potentially shut down an attack from spreading. So, while we should do what we can to protect against a breach, there are definitive steps a company can take to increase its resiliency and potentially reduce the negative impact of a breach when it does occur.

After all, it’s the severity of the data loss, not simply the fact that they were breached, that will impact a company’s business, damage its brand and ultimately, impact its bottom-line.

Kevin Cunningham, president and founder, SailPoint

Image source: Shutterstock/wk1003mike