Technology Defenses to Fight the Root Causes of Breach: Part One

Big Breaches

Abstract

In the first chapter of this book, we focused on identifying the root causes of data breaches based on hard data from over 9,000 breaches. Then, in the first part of this book, we provided examples of mega-breaches that occurred as a result of these root causes. The root causes are phishing, malware, software vulnerabilities, third-party compromise or abuse, unencrypted data, and inadvertent employee mistakes (separate from phishing). We opened the second part of this book by delving into the key habits that need to be cultivated to support a security program oriented around continuous improvement. We followed up with advice to leadership on how to have discussions about cybersecurity at the board level.

Notes

  1. In our descriptions and tables, as we refer to actual product names or company names that may change, please check the www.bigbreaches.com site for the most up-to-date product and company information.

  2. The interested reader is referred to https://twofactorauth.org/ for a more comprehensive list of systems that support 2FA.

  3. https://landing.google.com/advancedprotection/

  4. WebAuthn/FIDO2 seeks to eliminate passwords completely and provides support for both the first and second factors in authentication, whereas U2F focuses on the second factor.

  5. The reader is referred to Chapter 13 of Neil’s book Foundations of Security, or many other available sources, for a basic explanation of how public-key cryptography works.

  6. TLS stands for Transport Layer Security and is the protocol that web browsers and web servers use to communicate confidentially, so that a third party cannot eavesdrop; it most often authenticates the server but not the user.

  7. Adapted from https://developers.yubico.com/U2F/Protocol_details/Overview.html

  8. https://security.googleblog.com/2019/05/new-research-how-effective-is-basic.html

  9. Robert Morris and Ken Thompson, Password Security: A Case History (1979).

  10. Issues include the usability of systems such as PGP (Pretty Good Privacy), as well as the integration of such capabilities into common email programs and sites.

  11. SPF also allows one to specify what sending domains are authorized, instead of just IP addresses, but we use IP addresses here to simplify the explanation.

  12. See Chapter 13 of Foundations of Security for an introduction to public-key cryptography.

  13. Agari DMARC Report: 85% of Fortune 500 Leave Their Customers Vulnerable to Impersonation Scams, www.agari.com/email-security-blog/dmarc-q1-2020-email-fraud-report/

  14. N. Daswani, Network Detection and Response: A CSO Manifesto.

  15. Blue Hexagon Next-Gen Network Detection and Response Security Performance Assessment, https://bluehexagon.ai/miercom-report/

© 2021 Neil Daswani and Moudy Elbayadi

Cite this chapter

Daswani, N., Elbayadi, M. (2021). Technology Defenses to Fight the Root Causes of Breach: Part One. In: Big Breaches. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-6655-7_12
