It's a dangerous and scary time to run a business. Hackers are becoming ever more sophisticated in their attempts to steal valuable information, and the threat of attack feels ever more present, with several large companies and their customers falling prey to the whims of aggressive cyber criminals.
"It's as dynamic a threat environment as I've seen," says Bryan Rose, managing director of Stroz Friedberg, a computer forensics firm. "Companies are getting hit from all sides."
How can you protect yourself, your business and your clients? The best advice might surprise you.
Focus on reacting to a breach, not just preventing one
No cybersecurity expert is going to tell you that you shouldn't try to prevent an attack on your company's system. But they likely will tell you that no matter how hard you try, someone, sometime, is going to get in anyway. That's why you have to be ready, on the lookout, and prepared for the worst.
"The reality is, you are going to be breached at some point," Jason Bevis, global director for deployment and integration at network security company FireEye, said at a recent panel on hacking. "The key is how quickly can you react?"
Bevis and others recommend that in addition to having prevention software in place, every business should also have a trained IT staff proactively hunting for attackers in their networks by looking for traces of an infiltration, known as "indicators of compromise."
"It's not uncommon to go into these situations where people have been in the network for extended periods of time because companies weren't prepared enough to identify an attack -- especially where there are motivated and persistent adversaries," Rose told CBS News.
The much-publicized Sony breach is a prime example of a highly motivated and persistent adversary working within the system for a long time before releasing a damaging assault.
Yisroel Hecht, New York City's associate commissioner of IT security, says that in addition to prevention and detection, organizations need to focus on resilience, or the ability to recover from a security breach should one interfere with daily operations.
"What happens if you have to refigure every hard drive on every computer in your network?" he queries. It's crucial to have a Plan B.