One of the nightmares for executives and IT managers is having confidential data leak from the enterprise. Finding themselves in the company of the US DoD, Google and numerous other high-profile organizations if they do suffer such a breach is little compensation. A data breach can lead to a catastrophic loss of reputation and trust among partners and clients, and may lead to officially mandated fines and sanctions or expensive lawsuits.
It can be hard to put a value on reputation, though since reputation generally drives sales, if trust is lost then sales, particularly online sales, will tend to fall. However, it is quite possible to put a monetary price on data loss. A recent article at CSO Online indicated that the cost per customer record lost varies from "$208 per lost record in the U.S., down to $98 per record in the UK". In some ways this may not seem like much, but the problem is that it is rare for only a few records to be lost. The same report puts the average cost of a data breach at $3.43 million, because the typical online enterprise has tens of thousands of customers. Even worse is the potential hit for medical organizations, which typically have less margin to cover fines: the maximum fine for a HIPAA breach has now reached $1.5 million, up from a mere $100,000 for a single incident. Other regulatory agencies, such as the SEC or the various European Data Protection Offices, are getting greater powers too.
There are clear financial and reputational incentives not to suffer a data loss, and these incentives are getting larger along with the potential fines for failures. Moreover, while the incentives are growing, so too is the number of attempts made by cyber-criminals to crack network security. And not only is the number of attempts increasing, but so too is the sophistication of the attacks. These days one of the preferred methods seems to be to convince an insider to install some kind of backdoor or trojan on his computer, which then "calls home" to get instructions and then, later, to deliver the take.
The reason why this method is preferred is that in today's business culture it is politically, if not practically, impossible to ban insiders from surfing the internet. And it is equally impossible to restrict them to surfing only "safe" sites. Hence numerous companies provide generally expensive boxes that analyse the traffic coming in and try to match it against known threats.
Unfortunately, since these days insiders tend to take their laptops away with them and use them to surf the web from some unsecured internet cafe (or plug in USB drives they have brought in from home), the chances are that the infection itself will not be detected. Hence what needs to be tracked and blocked is the "call home" to the C&C server. Unlike other security systems, ThreatSTOP can block this because most C&C servers are already known to us thanks to honeypots run by us and our partners. We know this because we have had a customer discover a few hundred infected computers trying to call home. His firewalls with the ThreatSTOP ThreatList blocked the calls home and logged the IP addresses, allowing him to clean out the infections.
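The cleanup step described above, turning firewall log entries for calls home into a list of internal machines to investigate, can be sketched as follows. This is an added example, not ThreatSTOP code: the log format, the blocklist entries and the `10.0.0.0/8` internal range are constructed assumptions, and the addresses come from documentation ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed stand-in for a C&C feed (documentation address ranges).
C2_BLOCKLIST = ["203.0.113.0/24", "198.51.100.7/32"]
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range

# Constructed firewall log in a made-up key=value format.
SAMPLE_LOG = """\
2024-05-01T09:14:02Z action=deny src=10.1.4.23 dst=203.0.113.50 dport=443
2024-05-01T09:14:09Z action=allow src=10.1.4.23 dst=192.0.2.10 dport=443
2024-05-01T09:19:02Z action=deny src=10.1.4.23 dst=203.0.113.50 dport=443
2024-05-01T10:02:41Z action=deny src=10.1.7.88 dst=198.51.100.7 dport=8080
2024-05-01T10:05:00Z action=deny src=198.51.100.7 dst=10.1.7.88 dport=22
2024-05-01T10:06:13Z action=allow src=10.1.9.5 dst=203.0.113.99 dport=53
truncated line without fields
"""

def parse_line(line):
    """Return the key=value fields of a line, or None if it does not parse."""
    fields = dict(p.split("=", 1) for p in line.split()[1:] if "=" in p)
    return fields if {"action", "src", "dst"} <= fields.keys() else None

def find_call_home(log_text, blocklist=C2_BLOCKLIST):
    """Map each internal host to its outbound attempts at blocklisted IPs."""
    nets = [ipaddress.ip_network(n) for n in blocklist]
    hosts = defaultdict(lambda: {"blocked": 0, "allowed": 0, "dests": set()})
    for line in log_text.splitlines():
        f = parse_line(line)
        if f is None:
            continue
        try:
            src, dst = (ipaddress.ip_address(f[k]) for k in ("src", "dst"))
        except ValueError:
            continue
        # Only outbound traffic from inside to a listed address is a call home.
        if src not in INTERNAL_NET or not any(dst in n for n in nets):
            continue
        key = "blocked" if f["action"] == "deny" else "allowed"
        hosts[f["src"]][key] += 1
        hosts[f["src"]]["dests"].add(f["dst"])
    return dict(hosts)

if __name__ == "__main__":
    for host, info in sorted(find_call_home(SAMPLE_LOG).items()):
        print(host, info["blocked"], info["allowed"], sorted(info["dests"]))
```

A host with a non-zero `allowed` count reached a listed address on a path where the blocklist was not enforced, so it belongs at the top of the cleanup list.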
Would you want to risk the same thing in your network? It only takes one accident to cause infection and leave you liable to millions in fines and damages. A subscription to ThreatSTOP won't break the bank and helps keep the data breach nightmare away.