It is common to protect systems and data by:
• Network level security, traffic analysis and event management
• Data Loss Prevention
• Authentication, using user logins, tokens, MFA, etc.
• Email and web filtering, anti-virus and anti-malware
• Using access control lists and Privileged Access Management
• Data Classification
• Full disk encryption
• Database encryption
The media is awash with reports describing “successful” data breaches. The malicious actor is both clever and persistent – they can afford to make huge numbers of unsuccessful hacking attempts with a valuable prize in sight. However, the targeted organisation must defend against all these attacks.