The massive Equifax breach has captured the headlines for days, and for good reason.
The magnitude of this breach is unprecedented, and unlike a breach that involves credit card data, it leaves these millions of victims at increased risk of fraud for the rest of their lives.
You cannot get a replacement Social Security number just because your service provider had inadequate security measures.
Given the frequency of major breaches, it’s understandable if consumers are suffering from breach fatigue and not paying a lot of attention.
But this breach is especially alarming and serious. Almost all the data that credit reporting companies like Equifax hold is sensitive. Much of it, such as birth dates, addresses and driver's licenses, is used to establish identity, and other data types are routinely used to verify identity.
It’s one thing to ask a consumer to change a password, but how do you change your birth date?
This also highlights that web applications remain a major vector of attack. Even as vulnerabilities are found and patched, hackers are developing new fileless techniques to fly under the radar of most security tools. It’s no longer adequate to base security defenses on past attacks. We need to shift to real-time monitoring and security for web applications and all the processes that support them.
It’s clearly early days for this news, and we can expect to learn more about the details in the future. With nearly every publicly announced breach, new information is discovered after the initial disclosure.
The best time to develop a response plan for a breach is well before one occurs. Information security teams at other organizations should use this incident as an opportunity to evaluate their own plans. All organizations that collect and store sensitive data are targets.
Doing the basics right, such as ensuring secure configurations, managing vulnerabilities and capturing log data, is the most effective way to prevent breaches.
A breach isn’t a single point in time, but a span of time in which an organization is compromised. Prevention is primary, but detection and response are absolutely necessary as well.