Assignment Task:
In your initial post, explain the biggest challenges that organizations face in detecting data breaches.
In response to your peers, suggest some controls, best practices, or other practical methods to protect against these challenges.
Response One:
The biggest challenges organizations have in detecting data breaches most likely include, but are not limited to, time and money. I say this because there are so many different options that currently exist in today's market. Some methods of detection could be Intrusion Detection Systems (IDS), which have many different options such as host- or network-based and/or signature- or anomaly-based. Organizations with enough resources could choose to implement a combination of these IDSs, which is probably the only correct answer, as opposed to limiting your methods of detection and only using one.
Setting up honeypots is also another option for detecting real-time data breaches; however, these require more than just time and money: now the organization has an entire new network to monitor, including the hardware and maintenance required for upkeep and the staffing to monitor its activities. Aside from time and money (resources) being the biggest challenge with regard to detecting data breaches, organizations taking the time to clearly outline their current security posture and risk models to develop a realistic data breach detection framework is a challenge that can be faced and dealt with early on.
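Response One argues that combining signature-based and anomaly-based detection is the only sound choice. The following added example (written for this thread, not code from either poster) illustrates why, by running both detection styles over a handful of constructed authentication log lines: the signature detector only catches a source that is already on a (constructed) known-bad list, while the anomaly detector only catches a source whose failure count stands out from the rest of the population. The log format, the addresses and the blocklist are all made up for the demonstration.

```python
import re
import statistics
from collections import Counter

# Constructed sample log lines (not from any real system). Each line is one
# authentication attempt. 203.0.113.77 is a made-up "known bad" address with a
# single failure; 192.0.2.40 is an unknown address that fails far more often
# than everyone else but appears on no blocklist.
SAMPLE_LOG = """\
2024-05-01T10:00:01 src=10.0.0.5 user=alice result=success
2024-05-01T10:00:02 src=10.0.0.5 user=alice result=failure
2024-05-01T10:00:03 src=10.0.0.7 user=bob result=success
2024-05-01T10:00:04 src=10.0.0.8 user=carol result=success
2024-05-01T10:00:05 src=10.0.0.8 user=carol result=failure
2024-05-01T10:00:06 src=203.0.113.77 user=admin result=failure
2024-05-01T10:00:07 src=10.0.0.9 user=dave result=success
2024-05-01T10:00:08 src=192.0.2.40 user=admin result=failure
2024-05-01T10:00:09 src=192.0.2.40 user=root result=failure
2024-05-01T10:00:10 src=192.0.2.40 user=guest result=failure
2024-05-01T10:00:11 src=192.0.2.40 user=test result=failure
2024-05-01T10:00:12 src=192.0.2.40 user=oracle result=failure
2024-05-01T10:00:13 src=192.0.2.40 user=postgres result=failure
2024-05-01T10:00:14 src=10.0.0.7 user=bob result=success
"""

# Signature "database": indicators the organization already knows are bad.
# Constructed for this example; a real deployment would load threat-intel feeds.
KNOWN_BAD_SOURCES = {"203.0.113.77"}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>\S+)$"
)


def parse_log(text):
    """Turn raw log text into a list of event dicts; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def signature_alerts(events):
    """Signature-based detection: flag any source that matches a known indicator.

    Fast and precise, but blind to anything not already on the list."""
    return sorted({e["src"] for e in events if e["src"] in KNOWN_BAD_SOURCES})


def anomaly_alerts(events, k=2.0):
    """Anomaly-based detection: flag sources whose failure count exceeds
    mean + k * population-stdev of failure counts across all sources.

    Needs no prior knowledge of the attacker, but a source with only a
    single failure will never stand out."""
    sources = sorted({e["src"] for e in events})
    if len(sources) < 2:
        return []  # no population to compare against
    failures = Counter(e["src"] for e in events if e["result"] == "failure")
    counts = [failures.get(s, 0) for s in sources]
    threshold = statistics.fmean(counts) + k * statistics.pstdev(counts)
    return [s for s in sources if failures.get(s, 0) > threshold]


def combined_alerts(events):
    """Union of both detectors, which is the layered approach the post argues for."""
    return sorted(set(signature_alerts(events)) | set(anomaly_alerts(events)))


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print("signature only:", signature_alerts(evs))   # ['203.0.113.77']
    print("anomaly only:  ", anomaly_alerts(evs))     # ['192.0.2.40']
    print("combined:      ", combined_alerts(evs))    # both
```

Each detector alone misses one of the two suspicious sources: the blocklisted address produces too few failures to look statistically unusual, and the noisy address is not on any list. The threshold uses the population standard deviation (`pstdev`) so that a small sample does not inflate the cut-off; in production the baseline would be learned over a longer window and per-user or per-host, which is where the staffing and tuning cost the post mentions comes from.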
Response Two:
One of the biggest challenges organizations face in detecting data breaches is the increasing sophistication (like stealth) of cyberattacks. Attackers employ advanced techniques like Advanced Persistent Threats (APTs), where an attacker may gain access and stay undetected over long periods of time. There are also zero-day exploits which exploit vulnerabilities before vendors have a chance to fix them and often before the wider community is aware of a problem. Additionally, the use of encryption by attackers can conceal malicious activities from traditional security tools. This makes it difficult for typical detection mechanisms to identify breaches promptly, allowing attackers to exploit vulnerabilities over time (EmergeCyber, n.d.).
Another significant challenge is the rapid expansion of organizational networks due to cloud services, remote work, and the Internet of Things (IoT). This increases the attack surface, making it harder to monitor all potential entry points adequately. The sheer volume of data generated across these platforms is overwhelming. It hinders security teams' ability to distinguish between normal and malicious activities. Also, the shortage of skilled cybersecurity professionals exacerbates this issue, leaving organizations ill-equipped to manage and respond to threats efficiently (EmergeCyber, n.d.).