Nearly every business has shifted away from terrifyingly large groupings of spreadsheets in favor of more organized and dynamic databases. Of course when nearly every business uses some iteration of the same conceptual data housing, attackers can take advantage of the standardized structure. In 2009 there were 141 reported data breaches. In 2010 that number jumped to 760.
The main issue faced seems to be the amount of time it takes to find and contain the breach. In 2009, according to the Verizon’s 2010 Data Breach Investigations Report, 31% of breaches resulted in a compromise within minutes. In comparison, 37% took months to discover and 29% took months to contain. Verizon reported in their 2011 study that not much changed in a year. In 2010 33% of breaches took only minutes to compromise data while a staggering 75% weren’t discovered for weeks or even months. Nearly 50% of these breaches took weeks to contain.
As McAfee sees it, the clear solution is to prevent these breaches and, if they occur, discover them faster. Nearly 75% of businesses now rely on the built in security in their database suites which relies predominantly on audits and logs to monitor database activity. As McAfee describes it’s new Database Activity Monitoring software in their data sheet,
“Alerts are sent directly to the monitoring dashboard with full details of the policy violation for remediation purposes. High-risk violations can be configured to automatically terminate suspicious sessions and quarantine malicious users, allowing time for the security team to investigate the intrusion.”
In addition, the software offers virtual patching, allowing a noninvasive way to temporarily apply vendor patches while sufficient application testing can be conducted.