Meet the Bloggers Twitter BTSecureThinking YouTube Channel Blogroll About BT Looking for more?
BTSecureThinking Resources center

SecureThinking > SecureAlert

Wednesday, April 28, 2010

Cybercrime, Cyber-espionage, and Cyberwar: Data Loss Prevention is Serious Business for Industry and Government

By Ben Rothke, Senior Security Consultant, BT Global Services, CISSP, PCI QSA

 

According to Richard Clarke, cybersecurity adviser to presidents Bill Clinton and George W. Bush, who was quoted in a recent story on National Public Radio, “The difference between cybercrime, cyber-espionage, and cyberwar is a couple of keystrokes.”

Before you accuse Clarke of having a Noam Chomsky linguistic moment, consider for a moment that Clarke is one of the few people who really gets security.  For instance, Clarke is the first to dismiss full-body scanners for the hype they are, and would rather spend the money on intelligence gathering.

As to this observation, the truth is that the technique that would allow a hacker to steal intellectual property or money is essentially the same basic technique that would allow a nation-state to get into a system and wreak havoc, according to Clarke.

So, whether you are the U.S. government trying to ensure that your military networks are well defended, or a small company trying to guarantee that your customer’s basic credit card information is secure, the bottom line is that data loss prevention (DLP) should be something you should seriously consider.

In a recent post, I explained that DLP is more than blindly deploying DLP software (that identifies, monitors and protects data) and letting it “do the work for you.”  First, remember that DLP is just one part of a larger set of information tools. Here are the other considerations I outlined:

  • Know where your company data is stored
  • Classify your data – what needs to be protected and why
  • Create a DLP strategy that details the specific business and technology needs and requirements
  • Run a pilot test with a variety of DLP products to ensure that various use cases are tested to analyze the product in different scenarios

DLP is a necessity in today’s business and government environments.  It is just one part of a greater security picture, however.  Keeping hackers at bay requires a big-picture view of what you are trying to protect and ensuring that your security solution is up to the challenge.

 

No related content found.

Posted at 2:24 PM
Tags: , , , , , , , , , ,

Bookmark and Share

One Response to “Cybercrime, Cyber-espionage, and Cyberwar: Data Loss Prevention is Serious Business for Industry and Government”

  1. Data breaches – the new daily reality « SecureThinking says:
    August 11, 2010 at 1:49 pm

    [...] alone does not cut it.  And security hardware and software alone won’t cut it, even if you use DLP.  The answer is that there is no answer and that data breaches are not only inevitable, they are [...]

    Reply

Leave a Reply