Most stuff at Infosec will never be used - researcher

Most of the stuff being offered in the booths at Infosec Europe this week will never be used, a researcher says. He advises channels to concentrate on the three top threats in their vertical market specialisation, and to sell those solutions to customers. For example, says John Madelin, EMEA VP Marketing of Verizon, the actual reported breaches through mobile devices amount to less than 0.03% - a negligible concern.

Verizon has just produced its annual data breach investigations report, using data from around the world and including, for the first time, information from the UK government. It confirms the real importance of managing the risks and of having plans in place to prevent and control breaches, but calls for realistic assessments of the threats. “You can never be 100% safe,” he told IT Europa, “so it makes sense to work on the top threats, and in most areas this means just three challenges”. Each vertical market such as retail or financial services has its own particular issues, and these need to be understood by channels selling solutions.

The simple things are often very effective: patches should be applied, but there is no absolute urgency, as many of the breaches occur where a patch has been forgotten, often months or years after the zero day. And the way mobiles are regarded as a threat is overstated, he says. “Hackers are much more likely to go after servers to get all the data quickly, instead of trying through these devices.” He points to the actual proportion of mobiles affected as something negligible – 0.03%.

He advised those looking round the booths at Infosec to adopt the Pareto principle: 80% of the issues can be solved by a 20% investment.

One of the big problems, however, is the unwillingness of enterprises to acknowledge breaches and to share the information. “They must resist the inclination to draw lines round the incident, to keep quiet and issue no comments”. In these days of social media, to give confidence to markets, partners, customers and the like, it is necessary to take action early and often.

The channel and suppliers have to support the CIOs and others who must ask for money in order to prevent breaches: “The CIO has to say ‘give me millions and I’ll give you nothing’”. The Verizon report on breaches is available for free download at http://www.verizonenterprise.com/DBIR/2015/ and will help channels to make a strong case for protection which actually delivers a realistic response.