As cybersecurity experts reel from the deluge of data breach headlines as the holidays close in, it can be easy to miss some of them. Such is the case with the NASA breach, which was disclosed in an internal memo yesterday.
Much of the breach’s details have not yet been determined. We had a few cybersecurity experts weigh in on the breach and what it means for identity and access management and SIEM. Here’s what we learned:
Michael Magrath, Director, Global Regulations & Standards, OneSpan
Those affected by the NASA breach were likely impacted by the previous NASA breaches, the 2015 Office of Personnel Management breach that affected 21.5 million federal employees and contractors and if they transferred to DoD since onboarding with NASA they could have been victims of the DoD breach reported a few weeks ago.
An “agency breach trifecta.” Their personally identifiable information is already on the Dark Web, available for sale. In addition to Christmas cards in their mailbox, NASA employees will receive their breach notification letter which will include the usual standard operating procedure of free credit monitoring.
There have been discussions in Washington about implementing data protection regulations similar to the EU’s General Data Protection Regulation in the United States. It is well past the time to better protect consumers and employees in cyberspace. If the U.S. moves forward with GDPR-like regulations it is critical that any regulation implemented does not exclude the federal government and its employees and contractors.
Stephan Chenette, CTO and Co-Founder, AttackIQ
This is not the first time we have seen NASA suffer a security breach. In 2011, the agency admitted to 13 separate major network breaches, and in 2016 we saw another major hack compromise NASA employee data, flight logs and videos, and the intruders were even able to alter the path of one of NASA’s drones. Now NASA’s current and former employees have had their personally identifiable information compromised, including Social Security numbers, exposing those affected to further instances of fraud and data leaks through other vectors.
Earlier this year, NASA received more than $20 billion for its fiscal year 2018 budget, its best budget since 2009. After multiple serious security incidents, the agency needs to reevaluate the funds and resources it is dedicating toward cybersecurity and adopt solutions that provide visibility into their cyber readiness on a continuous basis to ensure that its systems are operating as intended and defending the organization’s data. A more robust solution will give NASA’s executive team the confidence that their operations will not be interrupted by a security breach, thus saving time, money, intellectual property and more.
Jacob Serpa, Product Marketing Manager, Bitglass
The scope of this breach is still unknown; however, NASA has more than 17,000 employees (and more former employees) who may have been affected. While NASA confirmed that it was working with federal authorities to investigate the breach, waiting two months to notify employees is quite negligent – particularly in light of the fact that Social Security numbers were exposed. Obviously, the best case scenario is to avoid breaches altogether; however, if one does occur, proper steps must be taken to mitigate damage and communicate with affected stakeholders in a timely manner.
To prevent unauthorized access to sensitive data, organizations must adopt robust, flexible, and proactive cybersecurity platforms. These platforms must include identity and access management capabilities for verifying users’ identities, detecting potential intrusions, and enforcing step-up, multi-factor authentication in real time.
Latest posts by Ben Canner (see all)
- 5 Key Security Analytics Capabilities for Security Operations Centers - October 17, 2019
- 40 Percent of Security Practitioners Don’t Report to the Board - October 15, 2019
- What Do SIEM Components Actually Do For Enterprises? - October 10, 2019