Expert Blog

What could've saved Marriott/Starwood from the data breach

Back in control of Cyber Security

The Marriott/Starwood breach reported in detail is a truly fascinating insight into one of the largest breaches of all time.

It raises so many questions and highlights so many issues. The most obvious is that this exploit was active for nearly four years! Considering the nature of their business and thus the vast amounts of personal data such companies process, one wonders if they adopted an Information Security Management System (ISMS).

Identify vulnerabilities and threats

By adopting an ISMS Marriott/Starwood would have identified the vulnerabilities and threats that pose a risk to their organizations. By measuring these risks in a consistent, valid and comparable manner they would have been able to prioritize those that fall outside of their risk tolerance level. Controls could then have been applied adopting a defense in depth ethos. Finally, the controls can themselves be measured for effectiveness and continually improved.

Controls that could've prevented the breach

IBM Guardium did a great job of detecting the rogue database query but all too late. A combination of some/all of the below controls would have no doubt gone a long way to prevent the initial breach and or stop the spread of it:

  • User Awareness Training
  • Endpoint Detection and Response (EDR)
  • Multi-factor authentication (2FA/MFA)
  • File Integrity Monitoring (FIM)
  • Security Information and Event Management (SIEM)
  • Encryption and Key Management
  • Data Loss Prevention (DLP)
  • Data Classification
  • Email Security solutions
  • Regular Penetration Testing
  • Vulnerability Management

This really does highlight the importance of securing personal data. If you do not invest the appropriate resources in security you are not only exposing your business but also your customers!

Colin Rumsam - March 26 2019

Share this page: