[BreachExchange] Five reasons CISOs need to care about fibre security

Audrey McNeil audrey at riskbasedsecurity.com
Fri Jul 8 14:19:03 EDT 2016


http://www.telecomstechnews.com/news/2016/jul/08/5-reasons-cisos-need-to-care-about-fiber/

With all the talk about the cloud, virtual networks, and ransomware these
days, it's easy to forget there's a physical network underneath all these
digital services that needs security too. It's the physicality of the
fibres and cables that take our data from point A to point B that makes
them vulnerable in different ways than what you'd typically envision with a
hacker attack.

For example, in the San Francisco area last year there were 16 known
attacks where the fibre optic cables were physically cut below the city.
Today's security threats come from all sides, and chief information
security officers (CISOs) must leverage new and robust encryption
technologies to ensure data remains protected at all times and in all
places.

Part of that requires CISOs to care about fibre—here are five reasons why:

C-level officials need to be involved in data security

In 2015, approximately 1,700 data breaches resulted in compromises to over
700 million records and an average cost of $6.5 million. Attacks to
networks or enterprise systems can come from external hackers, malicious
insiders, or both.

The cloud actually exists below us

The subsea system of almost 300 submarine fibre optic cables that makes the
cloud possible transports nearly all of the world's international traffic.
A single disruption of the right cables at the right time could result in a
global Internet blackout for an extended period of time.

Not securing data is dangerous and expensive

New government regulations and laws have been introduced to ensure that
vulnerable and sensitive information remains protected. Fines for not
securing this data in the event of a breach are steep, affecting the
company's bottom line. A recently introduced Dutch Data Breach Notification
law has fines of up to € 810,000 or 10% of the organisation's annual net
turnover.

Traveling data needs protection too

Too often, we focus on protecting our data when it's at-rest on a server or
in a data centre. However, it's just as vulnerable (if not more so) while
in-flight between diverse data centre locations. Adding optical encryption
capabilities reduces the risk of compromise while data travels, whether
it's going across the street or across the globe.

A holistic approach is best

A standout data security strategy strikes a balance between server
security, at-rest data encryption, and in-flight data encryption. In
today's environment, you need to employ the best of all three to keep your
data protected—no matter where it resides. The silos are coming down and
the number of threats is going up.

The smart CISOs of the future will be the ones who care about the five
points above and are able to get ahead of the pack when it comes to
securing their data and their networks. So... are you ready?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160708/bd094f59/attachment.html>


More information about the BreachExchange mailing list