The bull's-eye at Target was its network. The retailer failed to secure access to payment systems with proper network security infrastructure. You know, the stuff that everyone assumes companies are doing. Most aren't.
While headlines screamed "sophisticated hackers," some security people wondered why the systems that had access to cardholder data were not segmented off from the corporate network, not to mention the Internet. And wasn't the popular retailer, embraced by hipsters who shop on the cheap, PCI compliant?
Three years -- and many lawsuits -- later, network segmentation remains on the backburner at many companies. In this issue, Rob Lemos looks at why organizations still fail to wall off sensitive data as part of their network security infrastructure. "Without network segmentation, you can be assured that you will not have security," Eric Cornelius, managing director of industrial control systems at Cylance Inc., told Lemos. "Compromises go from trivial to detect to critical incidents …"
Constant mergers and acquisitions increase the challenges of designing network security infrastructure, performing risk analysis and keeping up with firewall policy and change management. But segmentation can help here, too, if security teams partition off resources until they are sure new systems and applications meet corporate security standards.
Encryption is another area that got scrutiny after the Target breach. If only the retailer had end-to-end encryption, some Monday Morning Quarterbacks exclaimed. But enterprise encryption, like segmentation, is more art -- or design -- than science. Too many people remember the pluses (no way to decipher the data), reports Alan R. Earls, and forget that it all depends on your choice of algorithm, key management and technology implementation (on both sides of the aisle). And, as Apple has shown, encryption does not protect companies from regulatory issues or interference.
We also look at Readers' Top Picks for SIEM tools, another implementation challenge for many enterprises. According to the readers we surveyed, interest in SIEM technology has moved beyond a checkbox for compliance as their organizations seek to improve threat response across environments, including cloud services.
Network security infrastructure and enterprise encryption are fundamental parts of many security programs, but more companies could benefit from prioritizing security policies and standard requirements in these areas.
Has Target finally segmented its network? More importantly, have you?
About the author:
Kathleen Richards is the features editor of Information Security magazine. Follow her on Twitter: @RichardsKath.
Was the Target breach a wake-up call for enterprise security?
Learn more about network segmentation techniques
Better security with microsegmentation