{"id":2192,"date":"2018-10-01T14:24:53","date_gmt":"2018-10-01T18:24:53","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=2192"},"modified":"2018-10-05T12:13:02","modified_gmt":"2018-10-05T16:13:02","slug":"key-takeaways-recent-facebook-data-breach","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/","title":{"rendered":"Key Takeaways from the (Most Recent) Facebook Data Breach"},"content":{"rendered":"

\"Key<\/p>\n

October is National Cybersecurity Awareness Month! Make sure you keep your security analytics solutions up-to-date! Give your enterprise with the detection capabilities vital to its digital safety! <\/span><\/i><\/p>\n

Another week, another major hack on an enterprise. <\/span><\/p>\n

Facebook, the social media giant, discovered a data breach late last week affecting around 50 million users. Facebook discovered three malware strains had penetrated their unique \u201cView As\u201d capability; this tool was supposed to allow users to find out what information was publically available. The hackers, who have not yet been identified, used it to steal untold amounts of data.<\/span><\/p>\n

\t\t\t

<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n

What data exactly was stolen in the Facebook data breach\u2014and whether it has been used for malicious purposes\u2014has not been determined. Compounding the crisis, 40 million additional Facebook accounts, raising the total affected to 90 million. <\/span>
\n<\/span><\/p>\n

Facebook CEO Mark Zuckerberg said in a statement: \u201cI\u2019m glad that we that we found this and that we were able to fix the vulnerability and secure accounts. But it definitely is an issue that this happened in the first place.\u201d <\/span><\/p>\n

\u201cAnd I think this underscores the attacks that our community and our service face, and the need to keep on investing heavily in security and being more proactive about protecting our community. And we\u2019re certainly committed to doing that.\u201d <\/span><\/p>\n

But simply hearing about the Facebook data breach does not help enterprises grow and adapt their threat detection strategies. Instead, enterprises need to ask themselves what they can learn from the Facebook data breach and act on those lessons.<\/span><\/p>\n

Here are a few of our suggestions:<\/span><\/p>\n

Cybersecurity is the Opposite of Carelessness<\/b><\/h4>\n

Facebook has long been famous for its \u201cmove fast and break things\u201d philosophy\u2014prioritizing fast innovations even at the cost of coding errors. 2018 revealed the inherent flaws in this motto. Both the Facebook data breach and the Cambridge Analytica scandal show that being careless with network security or data privacy creates damage in the long-term. <\/span><\/p>\n

Facebook has been trying to move away from their prioritizing of speed over stability. Your enterprise should do the same. Your digital products and services should be carefully monitored and subject to threat detection on a regular basis to find potential security flaws before they become larger issues. \u00a0\u00a0<\/span><\/p>\n

Investing in Cybersecurity Is Only Part of the Equation<\/b><\/h4>\n

It would be easy to dismiss the Facebook data breach as simply another enterprise failing to understand the seriousness of digital threats. However, such a dismissal would be inaccurate. Zuckerberg previously promised to increase their security staff and spend more on artificial intelligence; they also appear to be fulfilling this promise. <\/span><\/p>\n

However, the Facebook data breach proves cybersecurity is more than investment. Facebook still lacks a chief security officer who could have directed their internal security resources. Your enterprise should have a CIO or CISO in charge of your cybersecurity direction. Furthermore, Facebook also demonstrates how cybersecurity can often fall prey to the classic warfare mistake of \u201cpreparing for the last war.\u201d <\/span><\/p>\n

Legacy network security solutions and legacy SIEM solutions are often designed to combat previously seen threats, leaving enterprises vulnerable to hackers\u2019 innovative attacks. They are constantly preparing to fight against threats, malware, and other threats from the past while hackers are constantly innovating their tools. Next-generation SIEM solutions are better prepared to combat upcoming threats as well as older malware. Replacing your legacy solution might be in your best interest. \u00a0\u00a0\u00a0\u00a0<\/span><\/p>\n

Synthesizing these points, Facebook has largely been committed to combating the security issue of fake news. While this is essential, it also demonstrates fighting the previous war\u2014a direction that might have contributed to their current compromise. A CIO might have been able to mitigate these problems by providing a stronger direction for the future. Your enterprise might want to keep this lesson in mind. \u00a0\u00a0\u00a0<\/span><\/p>\n

Dwell Time Still Counts Significantly<\/b><\/h4>\n

The malware strains responsible for the Facebook data breach first penetrated its network in July of last year. Yet evidence of the bugs was only discovered on September 16 of this year.<\/span><\/p>\n

The long dwell time most likely contributed to the damage Facebook discovered; more dwell time means more stolen information. Your enterprise should work to curtail dwell time by conducting regular threat hunting expeditions into your network, improving the security event correlation capabilities of your SIEM solution, and reducing false alarms.<\/span><\/p>\n

Every Hack Affects Everyone Else<\/b><\/h4>\n

There is a concept in immunology called \u201cherd immunity.\u201d It refers to the indirect protection from infectious diseases generated by a large population immune to said infections. Individuals who aren\u2019t immune benefit from the immunity of others. <\/span><\/p>\n

Cybersecurity does not have herd immunity, and because of that an infection\/hack can actually damage more than the enterprise. While no third-party entities have been confirmed as affected as of yet, the Facebook data breach could result in breaches at other breaches as reused passwords or exploited social sign-on become weaponized.<\/span><\/p>\n

Every hack can result in more hacks. Ensure your enterprise uses distinct passwords not used elsewhere to avoid being caught up in the wave of hacks. Consider securing your employee’s credentials as a social service as much as a self=perserving act.\u00a0<\/span><\/p>\n

Other Resources:\u00a0<\/strong><\/p>\n

The 10 Coolest SIEM and Security Analytics CEO Leaders<\/a><\/p>\n

5 Tips for Setting Up a Security Operations Center (SOC)<\/a><\/p>\n

Get Your Employees to Embrace SIEM Best Practices!<\/a><\/p>\n

4 Tips to Make Data Breach Detection Easier For Your Enterprise<\/a><\/p>\n

Enterprises: Don\u2019t Become Complacent in Your Cybersecurity!<\/a><\/p>\n

How to Make Your SIEM Solution Deployment Easier for Your Enterprise<\/a><\/p>\n

Comparing the Top SIEM Vendors \u2014 Solutions Review<\/a><\/p>\n

How UEBA Can Prevent Insider Threats in your Enterprise<\/a><\/p>\n

SIEM vs Security Analytics: What\u2019s the Difference?<\/a><\/p>\n

Should Risk Analytics Bridge the Cybersecurity Talent Gap?<\/a><\/p>\n

What\u2019s Changed? The Gartner 2017 Security Information and Event Management (SIEM) Magic Quadrant<\/a><\/p>\n

The 25 Best Security Analytics and SIEM Platforms for 2018<\/a><\/p>\n

Are C-Level Leaders on the Chopping Block over Cybersecurity?<\/a><\/p>\n


Widget not in any sidebars
<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

October is National Cybersecurity Awareness Month! Make sure you keep your security analytics solutions up-to-date! Give your enterprise with the detection capabilities vital to its digital safety! Another week, another major hack on an enterprise. Facebook, the social media giant, discovered a data breach late last week affecting around 50 million users. Facebook discovered three […]<\/p>\n","protected":false},"author":41,"featured_media":779,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551],"tags":[353,95,145,609,112,86,21,57,22],"acf":[],"yoast_head":"\nKey Takeaways from the (Most Recent) Facebook Data Breach<\/title>\n<meta name=\"description\" content=\"Simply hearing about the Facebook data breach does not help enterprises grow and adapt their threat detection strategies. What can we learn from it?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Key Takeaways from the (Most Recent) Facebook Data Breach\" \/>\n<meta property=\"og:description\" content=\"Simply hearing about the Facebook data breach does not help enterprises grow and adapt their threat detection strategies. What can we learn from it?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions & Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2018-10-01T18:24:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-10-05T16:13:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/\",\"name\":\"Key Takeaways from the (Most Recent) Facebook Data Breach\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\",\"datePublished\":\"2018-10-01T18:24:53+00:00\",\"dateModified\":\"2018-10-05T16:13:02+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Simply hearing about the Facebook data breach does not help enterprises grow and adapt their threat detection strategies. What can we learn from it?\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg\",\"width\":800,\"height\":350,\"caption\":\"Findings: The Forrester Wave: Midsize Managed Security Services Providers, Q3 2020\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Key Takeaways from the (Most Recent) Facebook Data Breach\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions & Vendors\",\"description\":\"Buyer's Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Key Takeaways from the (Most Recent) Facebook Data Breach","description":"Simply hearing about the Facebook data breach does not help enterprises grow and adapt their threat detection strategies. What can we learn from it?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/","og_locale":"en_US","og_type":"article","og_title":"Key Takeaways from the (Most Recent) Facebook Data Breach","og_description":"Simply hearing about the Facebook data breach does not help enterprises grow and adapt their threat detection strategies. What can we learn from it?","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","article_published_time":"2018-10-01T18:24:53+00:00","article_modified_time":"2018-10-05T16:13:02+00:00","og_image":[{"width":800,"height":350,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/","name":"Key Takeaways from the (Most Recent) Facebook Data Breach","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg","datePublished":"2018-10-01T18:24:53+00:00","dateModified":"2018-10-05T16:13:02+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Simply hearing about the Facebook data breach does not help enterprises grow and adapt their threat detection strategies. What can we learn from it?","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/01\/globalnetwork.jpg","width":800,"height":350,"caption":"Findings: The Forrester Wave: Midsize Managed Security Services Providers, Q3 2020"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/key-takeaways-recent-facebook-data-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Key Takeaways from the (Most Recent) Facebook Data Breach"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","description":"Buyer's Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2192"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=2192"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2192\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/779"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=2192"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=2192"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=2192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}