The IT security industry is currently in overdrive as organisations big and small prepare for the new Mandatory Data Breach Notification Laws which are now nullified legislation.
These new laws (under Section III of the Privacy Act (1988)) dictate exactly how an organisation must act after they have suffered an Eligible Data Breach and give the government the power to fine any organisation or individuals within an organisation, who fail to follow this dictation (up to $1.8 million for organisations and $360,000 for individuals).
For a full refresher on the new data breach laws click here, as this article is not directly about the new laws but why companies need to look at an additional security tool to survive them. This tool is known as a Threat Detection Application (TDA).
Imagine the following scenario;
Your house is secure, you have a fence surrounding the property, locks on all the doors and windows and are fully insured. You would think that you’re perfectly safe from any burglar, but what if the burglar manages to get over the fence, unlocks a door or a window and gets inside.
How would you know they’re inside stealing your furniture?
You've invested a lot in keeping out burglars, but what have you added to catch the rare 1 or 2 professional cat burglars who know how to bypass security systems.
This is where you would install a motion detection system, which measures activity within your house. That way the professional cat burglar who gets inside is immediately spotted and removed.
This is what many businesses do not have. They consider themselves safe using security to keep criminals out but have nothing to measure the few that do manage to break in. Which is why businesses need a TDA.
A TDA tracks your organisations internal systems spotting and highlighting any unusual behavior or external intruders. As well as being configurable to organisations specific requirements.
For our house example imagine that you have a pet dog. Before you go to bed you configure the alarm conditions, setting the following rules;
With these settings, you’re able to set the alarm specific to your needs which will only sound if an intruder breaks in.
This is the same with a TDS, you’re able to set specific conditions based on finding unusual behavior occurring within your organisation and to only send alerts when such behaviors occur. These rules can be almost anything, from a department or employee downloading files they shouldn’t be, to sensitive data being exported outside an organisation to other malware-related activities.
This is the type of program businesses should be looking at as the new data laws come into effect. Building up additional security on the outside won’t have any effect on data breach mechanisms intelligent enough to weave past the security or even current malware programs which have already slipped past your security and are currently inside.
With a TDA you can spot virtually any data breach, regardless of the source and keep yourself legally compliant in the eyes of the law, avoiding risk of fines and maintaining a clean public image.