What can the recent Barnes and Noble breach teach us about SIEM, security analytics, and the threat landscape? Recently, we spoke with several experts about the identity management lessons IT decision-makers could learn from the attack on the U.S. bookseller. However, we found that several experts saw this episode as a jumping-off point for critical lessons in SIEM as well.
Here, we present commentary about the Barnes and Noble Breach, SIEM, risk management, and more.
What the Barnes and Noble Breach Can Teach Us About SIEM
Vinay Sridhara is CTO of Balbix.
“Companies in the retail industry have noticed a recent increase in online consumer buying patterns due to COVID-19, and with the holiday season fast approaching, this trend will only continue to rise. Today’s unfortunate reality is that the enterprise attack surface is massive, and there are nearly unlimited things that can go wrong. According to a recent report, nearly half (46%) of organizations find it hard to tell which vulnerabilities are real threats versus ones that will never be exploited. This leaves security teams flying blind when it comes to prioritizing risk and leaves organizations vulnerable to unexpected attacks. To manage risk across their networks as well as a growing array of partners, the enterprise needs tools that can proactively monitor and prioritize vulnerabilities across the entire threat ecosystem. Taking a proactive approach towards managing risk must become the new norm and is required for good security posture.”
Jonathan Reiber is Senior Director of Cybersecurity Strategy and Policy at AttackIQ.
“We have seen a massive uptick in e-commerce under the onset of the coronavirus, and retailers are at risk of cyber-attack with peak online holiday shopping season around the corner. Today, retailers need to make a cognitive leap past the election and realize that they are the next logical target in the adversaries’ sites. With limited investments, they can adopt a threat-informed cyber defense strategy and focus on the threats most likely to impact their operations.
Paul Martini is CEO and Cofounder of iboss.
“The indication that this breach may have been the result of ransomware should come as no surprise as these malicious attacks are becoming harder to spot and increasing in frequency. As a result, an untold number of Nook customers whose email addresses may have been exposed are now at further risk of being targeted by sophisticated phishing campaigns. Notably, this news comes after it was revealed that the U.S. government took direct action to disrupt a botnet, which has generally been used in ransomware attacks. To help prevent these types of attacks, organizations of all sizes should consider modern cybersecurity solutions that protect user internet connections regardless of location.”
Thanks to these experts for their time and expertise on the Barnes and Noble breach and SIEM. For more on the top vendors and capabilities in cybersecurity, please download the Solutions Review SIEM Buyer’s Guide. We provide a Bottom Line analysis for each of the top vendors as well as several guiding questions and factoids.
Latest posts by Ben Canner (see all)
- Gartner Names 4 Cool Vendors in Security Operations and Threat Intelligence - October 19, 2020
- Micro Focus Reveals 2020 State of Security Operations Report - October 19, 2020
- What the Barnes and Noble Breach Can Teach Us About SIEM - October 16, 2020