With each new breach it’s good practice to find a takeaway that can serve as a reminder or new insight. The recent breaches at Twitter, The New York Times and The Washington Post are no different.
Twitter has offered the most transparent account of the breach thus far. Bob Lord, Twitter’s director of information security, offers an extensive explanation in his blog. Lord reveals that the attack was not the work of amateurs, nor was it an isolated incident against Twitter: the hackers were clearly targeting other companies and organizations. It was for this reason that Lord “felt that it was important to publicize this attack while [Twitter] still gather information, and we are helping government and federal law enforcement… to make the Internet safe for all users.”
The Daily Mail consulted an independent privacy and security researcher for input on the Twitter breach and what can be gained from Twitter being so public about it. Considering that the breach impacted a relatively small number of users and how quickly Twitter was able to effectively respond and mitigate the breach, it was deemed well contained.
This reflects the discussions we participated in at the Women in Security Lecture Series recently. Namely, there is a clear need for more communication between security executives and more learning from each other’s mistakes. Twitter is setting a positive example in being transparent about its process and sharing details from which others can learn how to proceed.
Given that it’s now understood that it’s not a matter of if a company will be breached but when, responses like Twitter’s go towards removing much of the taboo and shame associated with a breach. This is the necessary first step towards true sharing and progress.
Severing the attacker’s communication at an early stage, which Twitter seems to have been able to do, is an essential part of any security plan. As Lord stated in his blog, these attacks were targeted and not perpetrated by amateurs. The hackers have gotten sophisticated, and the security executive’s plan must evolve to keep pace.
Defence Intelligence’s main service offering, Nemesis, is able to add that layer of protection. Many security executives rely on Nemesis as the extra layer that will protect their network from breaches. Nemesis protects networks by severing communication between the network and the attacker, which gives security groups and traditional security tools the time they need to respond and remediate.