
Mega-Breaches: Top Avoidance Techniques

CrowdStrike CEO George Kurtz Details Incident Response Essentials

Preparing for data breaches - to detect them quickly, respond appropriately and ascertain exactly what happened - can help make the difference between a security incident having major or minor repercussions, says George Kurtz, CEO of cybersecurity firm CrowdStrike.


"When you have an issue, what you're trying to really do is prevent the mega-breach," Kurtz says. "You might have somebody compromise a system or infect a system, but what you're trying to do is avoid those 200 days of having an adversary roam unfettered on your network, stealing intellectual property, or financial data or personally identifiable information."

Prevention, however, requires preparation, including honing an organization's breach-response plan in advance, as well as marshaling and training everyone who will be required to help respond. The same goes for technology - for example, being able to replay what happened on any given endpoint after a potential breach gets found.

"Knowing exactly what piece of malware - as an example - touched a particular document may either cause you to have to notify that you've been breached, or it may save you potentially millions, because you can ascertain and empirically prove that that document or data element wasn't touched," he says.

In this interview with Information Security Media Group conducted at the Infosec Europe conference in London, Kurtz also details:

  • Best practices for complying with the EU's new General Data Protection Regulation and related notification requirements;
  • The importance of running tabletop exercises to help organizations hone their data breach response plans;
  • The case for having an organization's legal team hire outside incident responders in advance of a breach;
  • Factoring the potential for malicious insiders into incident-response plans.

Kurtz is CEO of CrowdStrike. Previously, he served as the worldwide chief technology officer - amongst other roles - at McAfee, was also the founder and CEO of Foundstone, and developed the first ever internet penetration-testing methodology for all of Price Waterhouse.



About the Author

Mathew J. Schwartz


Executive Editor, DataBreachToday & Europe

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the Executive Editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst other publications. He lives in Scotland.



