Data Breach Prevention

A data breach is the single most devastating security event that an organization can endure. A high-profile breach of sensitive data—such as credit card or social security numbers – can lead to brand damage, lawsuits, and fines. Over three hundred million sensitive records were compromised between 2005 and 2010¹, underscoring the severity of the threat.

To prevent a financially damaging data breach, organizations must protect their application, file, and database data from the following security risks:

• Hacking and external threats
• Insider threats
• Application vulnerabilities due to ineffective secure Web development processes

To address these security risks, organizations must follow security best practices and implement practical and effective safeguards to mitigate internal and external attack vectors.

Key Drivers

Hacking and External Threats
Web applications are a prime target for attack. Applications often contain sensitive data such as credit card numbers, bank account information, and Social Security numbers, and they are typically riddled with vulnerabilities. To address external threats, organizations must protect against known, zero-day and automated attacks, prevent data leaks, safeguard HTTP and SSL-encrypted applications, and protect application data that is stored in databases.

Insider Threats
For most organizations, the greatest threat comes from within. Protecting sensitive data is essential to any effective security or compliance strategy. Traditional network security controls simply don't protect sensitive data from insider threats. Organizations need purpose-built data security solutions that can detect, prevent, and continually audit how users, including privileged users, interact with sensitive data. By monitoring and enforcing database, file and application access at the data level, organizations can effectively control insider threats.

Secure Web Development
Research indicates that over 80% of Web sites have had high, critical, or urgent vulnerabilities.² New attack methods, such as published attack tools and search engines, have made it easier for even novice hackers to find and exploit vulnerabilities. Based on these serious security threats and the high prevalence of application vulnerabilities, organizations need to undertake secure application development processes, accelerate application fix cycles through virtual patching, and pinpoint application errors and vulnerabilities discovered by application monitoring.

¹Privacy Rights Clearinghouse
²WhiteHat Security Inc., "Website Security Statistics Report," May 2009