The theft of 1.2 billion unique usernames and passwords is not a bad haul for a hacker. This hack, revealed in early August, included Fortune 500 companies and a lot of small websites too—basically, any website the hackers could get their hands on. But how do hackers get their hands on all this information and what can you do to stop them?
Sense of urgency
The large numbers in the hack example above and the ever-increasing news about security breaches, may make it feel like a losing battle, but this is no time to give up. Quite the opposite attitude is necessary. It’s time that executives and security professionals alike feel a sense of urgency in protecting username and password information. This cannot be a waiting-to-get-hacked game. Organizations need to be proactive with security and take all possible measures to protect data, and that needs to happen now.
Unfortunately, the necessary sense of urgency has been waning for years.
It shows. We need to recapture it.
Getting back to the fundamentals
We’ve said it before, and we’ll say it again; don’t rely on antivirus software to protect your data. Antivirus does not protect against threats outside the software’s scope. It cannot protect you from someone physically stealing unencrypted information from a mobile device. Antivirus is just one layer of protection, but encryption and backup are equally important layers. Further, if you are storing data off-site or with a third-party, make sure you understand how that data is being protected and that it’s secure.
As hackers become more advanced at grabbing data, companies need to continue to focus on the fundamentals of data protection: encryption, secure backup and antivirus software.
Improve your security posture
It is hard to know how much security is enough security, but a comprehensive approach will significantly improve your security posture. Organizations need to prioritize their digital assets and know what information is most important to protect and most likely to be hacked. Understand the security practices of every organization that has access to data; insist on an open and honest dialog about security practices. Using the right tools, hiring the right people and putting the right security processes in place will help you fight and respond to cyber crime.
Don’t make life any easier for the cyber criminals. Make protecting your data a top priority and act on it quickly, before you’re breached. Protect your data and your customers by adding layers of defense that will be more difficult to get around. Hackers cannot steal a billion passwords without a little bit of help from negligent security programs.