On March 10th, Hillary Clinton held a press conference to defend her use of her own email server for State Department communications (see our March 11th blog). One of the things she said during that press conference was that she was sure the clintonemail.com server had never had a security breach. Clearly Ms. Clinton doesn’t realise that it is possible for the server to have been hacked, and not discovered.
Case in point. Last week, Premera Blue Cross, who provides health insurance in the U.S. Pacific Northwest and Alaska, announced that they had suffered a hack in May, 2014, exposing claims and clinical data affecting 11 million customers. The breach was apparently uncovered on January 29 of this year, seven months after the incident occurred it was only discovered after a related insurer discovered that they too had been breached, causing Premera to check its own servers for tattletale signs.
Cybersecurity professionals are increasingly saying that the emphasis should be placed on catching attackers in the act rather than trying to prevent them from breaching the walls in the first place, since it’s becoming apparent that the walls won’t always prevent the attack.
Setting traps and catching hackers in the act is fine, but only if you detect the breach in the first place. To truly protect information, it has to be secured even if it’s stolen. This is where information governance comes into play. By eliminating what you don’t need (so it’s not there to steal) and identifying your crown jewels (so that you can lock them away using encryption), if an attack is not detected in time, you can still rest assured that all the hackers stole was a bunch of undecipherable gibberish.