The Marriott/Starwood breach reported in detail is a truly fascinating insight into one of the largest breaches of all time.
It raises so many questions and highlights so many issues. The most obvious is that this exploit was active for nearly four years! Considering the nature of their business and thus the vast amounts of personal data such companies process, one wonders if they adopted an Information Security Management System (ISMS).
Identify vulnerabilities and threats
By adopting an ISMS Marriott/Starwood would have identified the vulnerabilities and threats that pose a risk to their organizations. By measuring these risks in a consistent, valid and comparable manner they would have been able to prioritize those that fall outside of their risk tolerance level. Controls could then have been applied adopting a defense in depth ethos. Finally, the controls can themselves be measured for effectiveness and continually improved.
Controls that could've prevented the breach
IBM Guardium did a great job of detecting the rogue database query but all too late. A combination of some/all of the below controls would have no doubt gone a long way to prevent the initial breach and or stop the spread of it:
- User Awareness Training
- Endpoint Detection and Response (EDR)
- Multi-factor authentication (2FA/MFA)
- File Integrity Monitoring (FIM)
- Security Information and Event Management (SIEM)
- Encryption and Key Management
- Data Loss Prevention (DLP)
- Data Classification
- Email Security solutions
- Regular Penetration Testing
- Vulnerability Management
This really does highlight the importance of securing personal data. If you do not invest the appropriate resources in security you are not only exposing your business but also your customers!
Colin Rumsam - March 26 2019
Do you want to learn more about this subject, or do you have specific questions? Don't hesitate and reach out! Speak with a solutions expert or architect. Give us a call or leave a message. Our team is ready for your inquiries.
Security Solutions Consultant