McAfee: Breaches Escalating Despite Better Education, Technology
… patch the same day a patch becomes available and the world won’t come to an end,” she said. “Not patching may result in a breach that makes you wish it would come to an end. How many major breaches have we seen over the last 24 months that could have been avoided if applications and operating systems had been patched in a more timely manner?”
In addition, organizations need to educate their teams on what it means to implement security in the cloud, Worley said. Although the cloud “isn’t quite the Wild Wild West anymore, there is still a lot of learning to do when it comes to how to secure your data and applications across IaaS, PaaS, and SaaS,” she said.
“Third, one of the top data exfiltration methods called out in the report is USB drives,” she said. “How long have we had file and removable media encryption and DLP? You can password protect and encrypt data, ensuring that it is secure on a USB drive. You can implement DLP policies that prevent confidential data from being moved on the drive in the first place. There are very straightforward tools that address this threat that are not onerous for organizations to implement. They can be managed to limiting impact to user productivity while materially mitigating the risk of a breach.”