Don’t Wait for a Breach: 6 Essential Actions for Stronger Data Protection

A supermassive data breach dubbed the “Mother of All Breaches” (MOAB) has been uncovered by a team of cybersecurity researchers on an open instance. As reported by Cybernews, the breach contained a staggering 12 terabytes of data and over 26 billion records from platforms like LinkedIn and Twitter. 

While much of the leaked data stems from past breaches, there’s likely some fresh information and stolen account credentials in there, too, meaning the MOAB still poses significant risks, including identity theft, phishing attacks, and unauthorised account access.

Managed Security Services: Constant vigilance in the face of threats

The recent discovery of the MOAB serves as a stark reminder of the ever-present cybersecurity threats we face. However, at DNX, this is an opportunity to reinforce the importance of proactive security measures and the necessity of robust managed security services.

Security is not just a feature of our services; it’s one of the core pillars of our operations. We employ cutting-edge automation to continuously monitor account data for breaches on the dark web and within your infrastructure. This proactive approach enables us to swiftly identify indicators of compromise and promptly alert clients if their data is at risk. 

Safeguard Your Data: Proactive steps to data security

With cyber threats evolving, it’s a matter of when, not if, your data gets breached. But what can you do without someone like DNX behind you? As the Security Practice Lead at DNX, here are some essential steps I recommend:

1. Password Management: In the event of a breach, promptly review and update passwords for the impacted accounts, and maybe even accounts that may not have been impacted just in case. Prolonged use of compromised admin accounts, as seen in some large organisations, exacerbates the impact of a breach. Rotating account passwords regularly is an effective measure to reduce this risk. At DNX, we implement a 90-day password rotation policy for regular accounts and 30-60 days for accounts with access to sensitive information.
2. Multi-Factor Authentication (MFA): Enable MFA for all accounts, irrespective of user role, to prevent basic accounts from being exploited as gateways to more critical ones. YubiKeys (Hardware MFA) are highly recommended, providing an additional layer of security at a modest cost per employee.
3. Enhanced/Automated Monitoring: Monitor your infrastructure for unusual account activity and scan the dark web to address potential unauthorised access promptly. At DNX, we offer continuous monitoring for all accounts for breaches on the dark web for a small monthly fee. Additionally, for a similar price, we utilise automated tools within AWS, such as GuardDuty, to monitor and identify indicators of compromise.
4. Incident Response: Be prepared with a clear response plan outlining roles and contacts. Swift action is key in the event of a breach. For example, before working with DNX, a client experienced delays in responding to a breach involving compromised developer accounts. These delays allowed attackers to create additional accounts, leading to unauthorised access. This highlights the critical importance of prompt incident response.
5. Zero-Trust Approach: Adopt a zero-trust model where access is never assumed based on position or location. Every access request undergoes thorough verification and authorisation, irrespective of the user’s role, addressing the core issue of compromised accounts.

6. Training and Education: Regular cybersecurity training, ideally quarterly or monthly, is imperative to stay updated on the latest threats, best practices, and response methods. Continuous education helps fortify defences and mitigate human error, a common weak point in cybersecurity.

Final Thoughts: Preventing problems to stay ahead

In summary, staying on top of cybersecurity practices with these proactive measures is crucial. From keeping passwords fresh to embracing multi-factor authentication and staying on guard with automated monitoring, you can build strong defences against potential breaches. And let’s remember the importance of having a solid incident response plan and adopting a zero-trust mindset. By practising these basics, you’re not just reacting to threats but actively thwarting them before they become big problems. If you can’t or don’t have the necessary resources to do so, a robust managed security service is a strong option.