WADA Data Breach Lesson: Prioritize IT Spending
September 30, 2016 | Cyber Assaults, Rio Olympics
Earlier in June, just about a month ago before the Reo Olympics, organizers had one big concern: How to boost cyber-defenses at a time when cybercriminals are becoming increasingly adept in bringing down IT systems during major sporting events.
Taking lessons from London Olympics, organizers in Brazil, as a part of the broader security strategy, took a host of cyber security measures with a help from many intelligence agencies. Those preemptive measures, to a large extent, proved successful as organizers fended-off widely feared Denial-of-service type of cyber-assaults.
But then it also taught one important lesson. Cyber criminals are extremely canny. They attack on those unsecured areas, which organizations fail to patch.
Indeed, a cyber-attack on the Montreal-based The World Anti-Doping Agency (WADA) proves that. Hackers intruded the data base of the organization which stored medical reports of all participating athletes. They leaked confidential medical files of Tour de France Champion Chris Froome and Serena Williams in addition to several top athletes.
The incident forced WADA to review its IT security related spending. The organization, however, defended itself by arguing that its budget of $30 million is just not enough to fortify its IT systems.
IT Budget constraint remains one of the biggest challenges for organizations, especially small to mid-sized, across the world.
Therefore, organizations should identify and focus on areas which they feel are extremely critical for them. For instance, for organizations like WADA integrating Identity and Access Control Management (IAM) in their IT ecosystem is a must. Had there been an IAM system in place, WADA could have avoided data breach. Likewise, industries like banking, insurance, and healthcare should prioritize their IT spending. All these industries store tons of highly sensitive information, which is vulnerable to malicious insiders and external malefactors.
The bottom line: Today businesses have choice of selecting innumerable IT security products and services. But it’s up to us to outline what are the areas that should get a priority for allotting IT budgets.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behavior Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.
Need a solution for safeguarding critical IT assets? Please contact us