Welcome!

@DevOpsSummit Authors: Liz McMillan, Elizabeth White, Pat Romanski, Jason Bloomberg, Yeshim Deniz

Related Topics: @CloudExpo, Containers Expo Blog, Cognitive Computing , CMS, Cloud Security, @BigDataExpo, SDN Journal, @DevOpsSummit

@CloudExpo: Article

Data Breach Handling | @DevOpsSummit #DataCenter #DevOps #InfoSec

A data breach could happen to anyone. Data managed by your company is valuable to someone, no matter what the data is

A data breach could happen to anyone. Data managed by your company is valuable to someone, no matter what the data is. Everything has a price tag on the dark web. It is especially true when it is customer data, such as personal and payment card details.

When your customers' data turns up somewhere unexpected on the Internet, you may feel the world is collapsing around you. People start tweeting about the hack, angry customers phone in, and Brian Krebs publishes his first article. Your organization switches to an emergency mode to handle the situation. It is the time when your incident response team takes control to put the genie back in the bottle.

More Attention on Data Breaches
The risk of data breaches should concern all decision makers by now. According to the latest report from Identity Theft Resource Center (ITRC), the total number of data breaches has increased this year compared to the figures from 2014. As the chances of having a breach increase, preparedness becomes more important than ever.

Furthermore, data breaches receive more media coverage, and customers become more concerned about the security of their personal data than ever. Target upset its shoppers with forcing them to replace their credit cards and to keep an eye on their credit reports. Customers of VTech were worried what happens with their kids' photos and personal details. TalkTalk subscribers wanted to abandon their contracts and called the CEO to step down.

Keeping the Customer Happy
When the unthinkable happens, your customers will demand answers. They all want to know how the breach would affect them, and what the company is going to do to prevent it from happening again.

If your organization can provide these answers and communicates things, chances your customers regain confidence in your brand is high. It never leaves a sour taste in your customers' mouth if the company demonstrates competence while handling the breach. Therefore, being prepared is good for the business.

Types of Data Breaches
The reason behind data breaches varies. According to Verizon and Mandiant, the top data breach reasons are human error, crimeware (or malware), insider misuse, physical theft and web attacks.

The majority of the media-covered breaches can be narrowed down to two variants, however: malware and web attacks.

Hackers got into Ashley Madison, Sony Pictures, and OPM through well-crafted malware such as backdoor software. On the other hand, customer data from VTech and TalkTalk was accessed by the notorious web attack named SQL injection.

Responding to the Breach
The different types of data breaches require different response strategies. The good news is, however, your incident response team can handle the same type of breach in a somewhat formalized manner.

For instance, your incident response team would probably respond to malware associated data breaches as the following:

  1. Identify the source (i.e. information system) of the data leak
  2. Investigate how the information system was compromised
  3. Generate indicators of compromise (IoC) from the malware
  4. Find other infected systems on your network with the IoCs
  5. Clean-up each identified system from the malware
  6. Monitor for potential new infections using the IoCs

The incident response team also queries internal tools (SIEM), external services (Threat Intelligence feeds), and engages internal staff such as IT to collect information for the investigation. Having the necessities in order, along with playbooks and automation could all make the overall response process smooth and consistent.

Legal and PR Matters
In parallel, the incident response team would determine the scope of the data breach. There are two questions need to be answered: how long the data breach has been going on and what data was affected.

The answers typically serve as an input for your legal and PR teams:

  • Legal team: Your company may have legal obligations to do certain things, such as reporting the data breach to the privacy officer or notifying your customers. These obligations depend on the nature of the data that is involved.
  • PR team: Press releases, interviews, and responses to customer queries on social media are things the PR team handles during a breach. To make sure crisis communication is right, they also need input from the incident response team.

Central Hub of Information
Because the incident response team coordinates the remediation efforts across the organization, they also serve as a central hub for information. Firstly, the team collects information that sets the general direction of the remediation process. Secondly, the incident response team shares information with others such as your legal and PR teams.

As the incident response team collects, processes, and shares a large amount of information, it is a wise decision to invest in an information sharing platform. It eases the information flow between all parties during the investigation process. Besides, the accumulated data could be invaluable for handling future breaches.

Summary
The total number of data breaches and the records affected is still on the rise. At the same time, the media provides a wider coverage of these events. As a consequence, customers are more concerned with the security of their private data than ever.

Your organization should respond to this challenge by preparing for the inevitable. The solution is well-prepared incident response team, which could manage the situation in a competent manner.

Playbooks should be prepared and practiced that covers the most frequent types of data breach scenarios. Good incident coordination depends on information gathering, processing, and sharing. Well-informed PR and legal teams could build an effective crisis communication strategy to regain customer trust.

More Stories By Rishi Bhargava

Rishi Bhargava is Co-founder and VP, Marketing for Demisto, a cyber security startup with the mission to make security operations - “faster, leaner and smarter.” Prior to founding Demisto, he was Vice President and General Manager of the Software Defined Datacenter Group at Intel Security. A visionary and technology enthusiast, he was responsible for delivering Intel integrated Security Solutions for datacenters.

Before Intel, he was Vice President of Product Management for Datacenter and Server security products at McAfee, now part of Intel Security. As an intrapreneur at McAfee, he launched multiple products to establish McAfee leadership in risk & compliance, virtualization, and cloud security. He joined McAfee by way of acquisition in 2009 (Solidcore, Enterprise Security Startup). At Solidcore, he was responsible for Product Management and Strategy. As one of the early employees and member of the leadership team, he was instrumental in defining the company's product strategy and growing the business.

Rishi has over a dozen patents in the area of Computer Security. He holds a BS in Computer Science from Indian Institute of Technology, New Delhi and a Masters in Computer Science from University of Southern California, Los Angeles. He is passionate about new technologies and industry trends and serves as an active advisor to multiple startups in silicon valley and India.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@DevOpsSummit Stories
Many companies start their journey to the cloud in the DevOps environment, where software engineers want self-service access to the custom tools and frameworks they need. Machine learning technology can help IT departments keep up with these demands. In his session at 21st Cloud Expo, Ajay Gulati, Co-Founder, CTO and Board Member at ZeroStack, will discuss the use of machine learning for automating provisioning of DevOps resources, taking the burden off IT teams.
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness.
SYS-CON Events announced today that Enroute Lab will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enroute Lab is an industrial design, research and development company of unmanned robotic vehicle system. For more information, please visit http://elab.co.jp/.
SYS-CON Events announced today that Mobile Create USA will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Mobile Create USA Inc. is an MVNO-based business model that uses portable communication devices and cellular-based infrastructure in the development, sales, operation and mobile communications systems incorporating GPS capability.
SYS-CON Events announced today that Suzuki Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Suzuki Inc. is a semiconductor-related business, including sales of consuming parts, parts repair, and maintenance for semiconductor manufacturing machines, etc. It is also a health care business providing experimental research for dementia, etc. For more information, visit http://www.e-suzuki.co.jp/en/.
With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment? In his session at @DevOpsSummit at 21st Cloud Expo, Chris Van Tuin, Chief Technologist, NA West at Red Hat, will discuss: The top security risks with containers and how to manage these risks at scale including Images, Builds, Registry, Deployment, Hosts, Network, Storage, APIs, Monitoring/Logging, and Federation.
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of engineers can navigate the Carrier Ecosystem for your IT team acting as an extension of your business, producing a hassle-free experience.
SYS-CON Events announced today that Nihon Micron will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Nihon Micron Co., Ltd. strives for technological innovation to establish high-density, high-precision processing technology for providing printed circuit board and metal mount RFID tags used for communication devices. For more information, visit http://www.nihon-micron.co.jp/.
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
SYS-CON Events announced today that Ryobi Systems will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ryobi Systems Co., Ltd., as an information service company, specialized in business support for local governments and medical industry. We are challenging to achive the precision farming with AI. For more information, visit http://www.ryobi-sol.co.jp/en/.
SYS-CON Events announced today that SIGMA Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. uLaser flow inspection device from the Japanese top share to Global Standard! Then, make the best use of data to flip to next page. For more information, visit http://www.sigma-k.co.jp/en/.
SYS-CON Events announced today that Daiya Industry will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Daiya Industry specializes in orthotic support systems and assistive devices with pneumatic artificial muscles in order to contribute to an extended healthy life expectancy. For more information, please visit https://www.daiyak.co.jp/en/.
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc.
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp empowers global organizations to unleash the full potential of their data to expand customer touchpoints, foster greater innovation and optimize their operations.
Most of the time there is a lot of work involved to move to the cloud, and most of that isn't really related to AWS or Azure or Google Cloud. Before we talk about public cloud vendors and DevOps tools, there are usually several technical and non-technical challenges that are connected to it and that every company needs to solve to move to the cloud. In his session at 21st Cloud Expo, Stefano Bellasio, CEO and founder of Cloud Academy Inc., will discuss what the tools, disciplines, and cultural aspects are that enterprise companies are considering to get to the cloud and eventually transform the way they build software and services.
SYS-CON Events announced today that Interface Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Interface Corporation is a company developing, manufacturing and marketing high quality and wide variety of industrial computers and interface modules such as PCIs and PCI express. For more information, visit http://www.interface-amita.com/aboutus/interface_profile.asp.
SYS-CON Events announced today that Keisoku Research Consultant Co. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Keisoku Research Consultant, Co. offers research and consulting in a wide range of civil engineering-related fields from information construction to preservation of cultural properties. For more information, visit http://www.krcnet.co.jp/eng_site/e_index.htm.
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
SYS-CON Events announced today that Fusic will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Fusic Co. provides mocks as virtual IoT devices. You can customize mocks, and get any amount of data at any time in your test. For more information, visit https://fusic.co.jp/english/.
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data and analytics insights onto a single, holistic, display, focusing attention on what matters, when it matters.
Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reduction in cost and increase in speed. Sometimes in order to reduce complexity teams compromise features or change requirements
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS – software, platform, and infrastructure as a service.
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the connection between building better software and business agility has been a tenuous one at best. But now that Agile is maturing and Digital Transformation is driving change across enterprises large and small, companies are realizing that their best bet for achieving business agility is to take the best of Agile and apply it across the entire organization.
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, will discuss how data centers of the future will be managed, how the public cloud best suits your organization, and what the future holds for operations and infrastructure engineers in a post-container world. Is a serverless world inevitable?