What Have We Learned from Recent Breaches: 8 Lessons to Take to Heart

Webinar Registration

It would be nice if there were a risk-free way for organizations to publish the lessons they (hopefully) learned from data breaches because we could all benefit. But the good news is that things eventually leak out, details are shared with responsible reporters and if you do your research you can learn a lot from data breaches in the months after they fade from the headlines.

And that's exactly what we're doing with the breaches that have occurred over the last year or so, both in the commercial and federal space. Rather than being a Monday morning quarterback our goal is to take a constructive approach to analyzing what we know about these incidents and look for opportunities that the rest of us can exploit (in a good way :)!) to prevent or at least limit the impact of similar breaches on our networks.

Here's a sampling of what we are finding and as you will note, some of them are definitely the basics but that makes them all the more important to consider.

Having policies but not following them; ineffective controls
Weak passwords
Incomplete patching
Vulnerability scanning without a purpose
Segment network and people
If your pentest doesn't find anything; get another tester
PCI certification doesn't mean much
Insulate yourself against vendor/contractor risks/breaches

Something to think about is the fact that many of these organizations are reputable successful institutions who weren’t new to cyber security. Yet some of the failures are really basic. These organizations had policies and controls in place yet some of the very risks they were supposed to mitigate were exploited by the attackers. Why?

That may be the most important lesson of all. Dell Software is our sponsor for this event and Alvaro Vitta will briefly show how their array of security solutions can help you implement the lessons learned – especially the most important one.

And it is important because the damage is big from breaches. For many organization the long-term consequences have yet to be assessed but people lose jobs, there are hard costs to the business just cleaning up from the incident, customers leave and this list goes on.

Don't miss this real training for free™ event. Please register now.

First Name:	Required
Last Name:	Required
Work Email:	Required Invalid email address
Phone:	Required
Job Title:	Required
Organization:	Required
Country:	Required
Address:	Required
City:	Required
State:	Required
Zip/Postal Code:	Required
Organization Type :	RequiredRequired
	Your information will be shared with the sponsor. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor. Tweet

Upcoming Webinars

Anatomy of a Cloud Hack: The Cloudflare/Okta Compromise – A Story of Tokens, Lateral Movement, Persistence and the Salvation of Zero Trust and Hard MFA Tokens

Additional Resources

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.