Avoid data breaches and keep the cyber thieves at bay

If you want to find out how hard it is to avoid becoming a victim of a data breach, just ask the NSA.

Thanks to whistleblower Edward Snowden, the US spying agency has had a really bad year at a time when records for data breaches were being set and broken on a regular basis.

Target, eBay, Adobe, Valve Software, Sony and many, many other firms both big and small have all been hit too. Going amiss was customers' personal data, including login names, passwords and credit card numbers. Some of those firms lost tens of millions of data records.

Those breaches have real consequences - both for executives and profits. Target boss Gregg Steinhafel resigned in May largely because of the fallout from the breach it suffered last year.

And eBay has revised its estimate of how much revenue it will make in 2014 because of the "immediate and dramatic effect" the breach had on sales carried out through the auction site.

And just ask lots of US tech companies about the after-effects of Snowden's leaks. There's no doubt it has cost them contracts and goodwill in Europe.

Attack pattern

"It's not that the defenders are bad at their job," explains Anthony Di Bello, a spokesman for data forensics firm Guidance Software. "It's more that they are being overwhelmed.

"A security team has to be right 100% of the time to keep the attackers out, but the attackers can try hundreds and thousands of times a day."

Evidence suggests they do. Consider for a moment just one category of digital threat - malware. Figures released by security firms reveal they see more than 250,000 novel strains of malicious software every day.

"Don't ever assume it's never going to happen to you," says Mr Di Bello.

The staggering number of ways that cyber thieves try every day to get at the good stuff inside the databases of companies should be sufficient warning, says Rowland Johnson from security testing and compliance firm Nettitude.

Yet, he says, many remain complacent.

"Many organisations just do not believe a data breach will happen to them, so when it does happen it's a real shock."

Recipe for disaster

Companies should prepare for the worst, says Mr Johnson, adding that adopting such a stance radically changes how they marshal their digital defences.

In the good old days, he says, all a company had to do to keep data and employees safe was defend their border. Good anti-virus, email scanning, spam filters and firewalls were just about enough to stay safe.

Now? Not so much.

Company borders have become permeable and almost impossible to define thanks to e-commerce, which means suppliers and customers have deep links to the systems inside the heart of a corporation.

Add to this employees who use their phones, tablets and laptops at home, work and on the move and you have a recipe for disaster.

Assuming that a breach is likely means accepting the truth about those porous networks and putting in place systems that help cope with that.

Top of the list is improvements to internal monitoring systems that keep an eye on who does what inside a company.

"The biggest challenge organisations have is that they do not keep enough information about what's going on in their network," he says.

Have a plan

Putting in place network monitoring and intrusion detection systems has a three-fold benefit.

Firstly, it should help spot the bad guys much more quickly as they make their way around a network.

Statistics show that most victims of data breaches take a long time, often months, to spot they have been compromised. And, suggests Verizon's authoritative annual Data Breach Investigations Report, companies usually hear about breaches first from customers and law enforcement agencies rather than their own security teams.

Secondly, this monitoring system should help after the breach to determine what went wrong. Nettitude does a lot of incident response work, says Mr Johnson, and it always helps to have good records.

"If they don't have the logs they need to conduct a forensic investigation it's exceedingly difficult to work out what happened when," he says.

Thirdly, that internal focus can help companies enforce the policies and practices that limit any damage done from a breach. It's far better to lose passwords or credit card details that were properly encrypted or hashed and salted than it is to lose a plain text file.

The best way to handle a data breach starts a long time before data starts to go astray, he says.

Preparation should involve regular penetration tests by companies that copy the methods of the bad guys. Running mock incidents will also help people cope if and when a breach comes to pass.

"Have a plan up front," he says. "The last thing you want to do is be winging it after the event."

That technique can show up vulnerabilities in people, processes and IT systems and help companies do something about them before the real bad guys turn up.

Public exposure

"That preparation is hugely effective in dealing with an incident once it's occurred," says Paul Pratley, investigations manager for Verizon, who helps firms handle breaches.

"Companies should plan for when an incident occurs and put in place the security controls to detect and cope with it."

If the worst does happen companies should take steps to preserve data, hopefully gleaned from those internal monitors, and then start investigating what went wrong.

These investigations, he cautions, should be done on copies of live data, not the actual bits and bytes logged day by day.

And then the hard task of communicating with customers can begin. Even then, he says, having a plan can help to reassure people that a company has not been caught napping.

As soon as possible companies should pass on information about what was lost, what they did to stop it happening and what customers need to do to stay safe.

"Public disclosure should be handled very carefully," says Mr Pratley. "Do not embellish or sugarcoat the messages."

And, he adds, there is one message that should be obvious given how many breaches there have been and what has happened in their wake.

"Everyone should understand how bad it is going to get if they do nothing."
