Happy Friday, Federal friends! I hope all of you enjoyed some nice family time over the respective holidays last week. After a successful Marathon Monday here in Boston we're blessed with chirping birds and blooming flowers (finally)!
As you all probably know by now, Verizon released their latest DBIR report earlier this week. While this report covered a wide range of topics in regards to breaches, I found one point of their breach-buckets very interesting - Miscellaneous Error. As an article on Quartz highlighted, this equates in large part to an "oops" factor. Meaning that these breaches aren't caused by malice, until it hits the hands of an attacker, but rather human error. These range from simply leaving a laptop unattended in a conference room, to having a thumb drive drop in a cab, and simply mishandling the delivery path of information. What I mean by that is sending critical information to the wrong user, or person in general. The report shows that there are more egregious offenders to this step but the government alone accounts for 13% of these types of incidents. Not surprising considering the US Gov't is the largest employer in the US.
The impact of these incidents? Far reaching beyond the walls of your agency as it can affect civilians at large. Many times the information being sent is not for public consumption and ends up in the hands of the wrong recipient anyway. Given the fact that there is more transparency within the Federal space, we are beginning to see more of these incidents reported. That's not to say private organizations don't suffer the same issues at a large scale, but that when this happens within the gov't, it's more likely to be reported due to more stringent disclosure policies. The large amount of information your agency handles can be hard to mitigate, but at the end of the day this does come down to human error, double checking where you are sending data, and understanding the nature and risk of that data. This is critical.
Perhaps another unavoidable oops? The machines you have in your agency that are still running XP. While the budgetary issues over the last year have greatly impacted your efforts to upgrade your systems, and with the private sector facing similar cash-flow hurdles, Microsoft still killed the OS. Luckily, if you weren't able to opt-in for the additional coverage with XP you have some industry folks looking out for you. There are a few AV vendors that will be supporting XP going forward, Kaspersky has the most specific language around their support stating they will continue to do so through the current iteration and 2 future updates. My best recommendation for you is to verify with your AV vendor that checks will continue to be updated and push for a hard date when they will no longer be supporting XP. While procuring funds to upgrade across the board can be difficult, it's important out have a plan in place for when this OS is truly EOL with these AV vendors.
As I mentioned a few weeks ago we now have a Federal Security specific LinkedIn page. As I'm adding articles and information pertaining to the space often, swing by and check it out.
Now, here's Chuck Norris securing his perimeter and hacking-back his attacker as we would expect. He doesn't need IDS/IPS, he's Chuck Norris.