The Ecosystem of Breaches -- Introduction

Data breaches are once again in the news. Data security… application security… it's always a big deal.

I used to do a blog where pretty much every day I could report on somebody who had been hacked, somebody who had been breached, somebody who was being fined an enormous amount of money or somebody who was being extorted for an enormous amount of money.

The reality is that over time I sort of stopped doing it because everyone has been breached. Everyone has probably seen the bitcoin ransom note by now, everyone has seen some sort of suspicious activity on the inside of their network and every time it happens they ask the same question.

'How did they get in?'

The reality is they get in through whatever door was left open, and it turns out there are a lot of different doors they can try.

I've broken it down into the six primary areas:

1. Database
2. Services
3. Network
4. User Interface
5. Devices
6. Social Engineering

And then, these things all need to be tied together with identity so that we know who's touching what and why and are they authorized.

Over the next few days, I'm going to break this down into six or seven individual presentations to go through each one of these areas in a little bit of detail, but honestly each one of these is its own set of disciplines with a lot of considerations.

But even knowing there is a lot to dive into in each area, the entire problem needs to be approached holistically and you need to be able to consider that entire ecosystem before you can really feel like the doors are locked and no one's going to get in.