Big is beautiful, but not when it comes to data breaches. Take Facebook. This year they’ve seen data breaches in the hundreds of millions of dollars and market capitalization losses in the tens of billions.
Now they are being threatened with a massive fine by European regulators for their latest data breach. Under Europe’s new General Data Protection Regulation (GDPR), firms who fail to protect user data can be fined up to 4% of global annual revenue – in Facebook’s case that could be over $1.5bn.
GDPR gives organizations a much shorter window to report a breach so consumers get an earlier picture when their data is compromised, but in the eyes of European regulators Facebook has been slow to clarify the nature of the breach, the scale of the breach and the risk to its users.
Yet Facebook had spent millions to be GDPR compliant.
Right now, many CFOs will be asking if the collective billions American organizations have spent to avoid the threat of multimillion-dollar fines and penalties from the EU was money well spent. The question I think they should ask is: does our investment enable us to rapidly report a breach and forensically analyze it? If the answer is no, then it’s time for a plan B.
One potential answer may just be full network packet capture.
How could it help?
Total network history
When organizations have 100% network history, rapid and accurate detection of breaches can happen. Network sniffing and metadata give a partial picture, but capturing and storing all network IP packets, even the busiest network traffic, with the best lossless capture rates gives the full one. These high-fidelity traffic records are logged and stored, making detection easier and faster.
Extended packet capture timeline
To make detection realistic, the network history must go back 140+ days from the discovery of a breach. Most organizations store 4 days, which means no visibility into when the breach occurred. New full network packet capture tools can now store petabytes of data on premises, making hundreds of days of data constantly available for search.
Powerful and fast search
Detection and remediation across these massive data stores are fast. Petabytes of network traffic can now be searched in minutes; smarter logging further accelerates discovery, as does on-premises storage.
Lower cost data storage
100% network history, extended over months or even years and searchable in minutes, sounds costly. It isn’t. Full network packet capture tools can now store petabytes of data at up to 80% less than other solutions.
It could well get worse.
There’s a growing belief that the States should ape GDPR (ironically, Mr Zuckerberg sang its praises at his Senate hearing). Today, according to the Ponemon Institute, a data breach costs an organization on average $3.8 million; tomorrow that number could go through the roof.
One parting thought. A security breach is the gift that keeps on giving. How long has it taken Home Depot to manage the legal consequences of its breach? Equifax is dealing with 240 class action lawsuits. Clearly a regulatory fine is only part of the fallout. How do you manage the legal ramifications of a cyberattack? Hear Jeremy Holt, one of the most experienced IT lawyers in the UK, talk about strategies to better deal with the legal consequences of a data breach.