“An ounce of prevention is worth a pound of cure”. Benjamin Franklin coined this expression to help convey that it is better to try to avoid problems in the first place rather than attempt to fix them once bad things happen. Waiting to fix these issues can be very costly – as many organizations have discovered when responding to data breaches. Unfortunately research from the Ponemon Institute indicates that threats are not going away anytime soon. Dr. Ponemon indicates “The threat from cyber attacks today is nearing statistical certainty, and businesses of every type and size are vulnerable to attacks.”
The Verizon 2011 Data Breach Investigations Report back up Ben’s advice as it pertains to managing organization’s logs. According to the report, less than 1% of the breaches that they analyzed were discovered through log analysis, while 69% of those breaches were detectable via log evidence. This data leads me to believe that either:
- Organizations are not maintaining and using the their logs to identify unusual behavior
- OR, they maintain logs, but are not taking advantage of the data that is available to them.
Less than 1% of the breaches analyzed were discovered through log analysis, while 69% of those breaches were detectable via log evidence.
– Verizon’s 2011 Data Breach Investigations Report
Moving forward, organizations must take a more preventative approach. Data protection requirements in the European Union, Canada as well as the United States expect organizations to show that they are doing their due diligence to protect both customer and employee data. These countries are enforcing stiff penalties to companies that show negligence protecting sensitive data.
According to the Verizon report, 46% of breaches are discovered by external parties. A preventative approach must be taken to discover anomalies and breaches internally. Most organizations are already logging critical data from their servers and devices. Why not take advantage of this data that is already at your fingertips? While administrators are often overwhelmed by the vast quantity of data that is reported from their logs, tools like WhatsUp Log Management can help automate, alert and report on data anomalies occurring within your network.
To that end, the Ipswitch Network Management division today announced the inclusion of new European Union data protection reports in WhatsUp Log Management release v10.1.1. New functionality will assist customers address data protection reporting mandates and includes new reports for:
- United Kingdom Data Protection Act 1998
- United Kingdom Corporate Governance Code 2010
- German Federal Data Protection Act 2009
- French Data Protection Act 2004
- French Financial Security Law 2003