Americas

  • United States

Asia

Oceania

Contributor

How to prevent identity theft in your business

Opinion
Sep 15, 20153 mins
Application SecurityCloud SecurityCybercrime

Identity theft isn't only a consumer threat. Looking for bigger gains, attackers are targeting the enterprise with similar tactics to hijack corporate online and financial accounts. Here how security pros can fight back.

Identity theft, historically considered a consumer threat, is expanding its horizons. Looking for bigger game, attackers are targeting the enterprise with similar tactics used to hijack online and financial accounts belonging to individuals.

At their core, the theft of consumer and enterprise identities are similar in that they both involve the inappropriate acquisition and potential misuse of users’ digital credentials. What’s different is how these two types of identities are captured and exploited.

How corporate identity theft works

Consumer identities are typically acquired in large quantities via corporate database breaches. Recent examples include Target, Home Depot, Neiman Marcus and Anthem Blue Cross. These identities are usually then sold or farmed out to criminal groups that attempt to use them for illicit financial gain.

Enterprise identities, on the other hand, are not usually stolen in mass quantities. Instead, they are harvested using more stealthy methods such as email phishing/spear phishing attacks. With a few enterprise identities in hand, attackers can gain access to a company’s secure inner network and steal sensitive data, such as intellectual property or sensitive financial information

Mobile makes hijacking of enterprise accounts easier

With the advent of “open computing” trends introduced with cloud apps and BYOD, enterprise IT organizations have been forced to allow workers to connect to company networks from anywhere at any time. These developments are not only disintegrating the traditional network perimeter, they are also making the hijacking of enterprise accounts easier to accomplish and more difficult to prevent.

To complicate matters, enterprise IT departments are under continuous budget pressures to deliver services more quickly and at reduced costs. As a result, many businesses have jumped into the deep end of the cloud computing pool to capitalize on its promises of faster deployment and predictable costs.

Is your cloud infrastructure putting PII at risk?

While there are tremendous benefits to cloud computing, it also places confidential company data at risk of exfiltration in the event of account hijacking. In most cases, it is more difficult to protect enterprise access credentials in a cloud computing environment than a contained enterprise network. This creates an environment where credential theft is both hard to defend and very difficult to detect (until it’s too late).

In response to these changes, enterprises need to rethink security to address the new “attack surface” that’s been put in place.

Instead of relying on traditional siloed security tools, dated processes and manual operations to address this expanded attack surface, a more holistic approach is required.

This new model should be based on a centralized threat monitoring, policy definition and enforcement infrastructure that enables end-to-end visibility across on-premise systems and cloud applications — by rolling-up intelligence from multiple security tools, enterprise systems and business applications.

To detect corporate identity theft incidents, and other threats that on the surface appear “benign,” new techniques such as real-time analytics, machine learning, peer group modeling, and others, must be layered on top of this centralized infrastructure. This multi-dimensional approach is needed to protect against attacks that are themselves multi-dimensional.

Contributor

Leslie K. Lambert, CISSP, CISM, CISA, CRISC, CIPP/US/G, former CISO for Juniper Networks and Sun Microsystems, has over 30 years of experience in information security, IT risk and compliance, security policies, standards and procedures, incident management, intrusion detection, security awareness and threat vulnerability assessments and mitigation. She received CSO Magazine’s 2010 Compass Award for security leadership and was named one of Computerworld’s Premier 100 IT Leaders in 2009. An Anita Borg Institute Ambassador since 2006, Leslie has mentored women across the world in technology. Leslie has also served on the board of the Bay Area CSO Council since 2005. Lambert holds an MBA in Finance and Marketing from Santa Clara University and an MA and BA in Experimental Psychology.

The opinions expressed in this blog are those of Leslie K. Lambert and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.