A former cybersecurity analytics specialist at health insurer Anthem, which experienced a massive data breach, says organizations in the healthcare sector and elsewhere need to take steps to better protect users' credentials both internally and at third-party business partners.
CIOs, CISOs and board members need to carefully assess "how well poised are we ... to see things that are going on in our environment, to make sense of them and to respond when we have a problem," says Steve Moore, who now is vice president and chief security strategist at Exabeam.
The 2015 Anthem breach, which affected almost 79 million individuals, is believed to have started with a phishing attack that led to stolen credentials.
"We have to start thinking about email as a business process and not a messaging system and how do we govern that," Moore says in an interview with Information Security Media Group. "What are we allowing to process through there? Is there anything that we need to govern differently?
In the interview (see audio link below photo), Moore discusses:
- The importance of training staff on how to respond to a breach;
- The need to block access to "uncharacterized" websites that may download malware;
- The benefit of sending prompts warning of the risks involved before macros can be executed.
Moore is vice president and chief security strategist at Exabeam, a provider of SIEM products. He previously spent more than seven years at Anthem in a variety of cybersecurity practitioner and leadership roles. That included serving as staff vice president of cybersecurity analytics, playing a leading role in the response and remediation of Anthem's massive data breach.