“100 percent.” That was the response from the cyber division deputy assistantdirector of the FBI, Steven Chabinski, when a major carrierexecutive asked about whether his company's infrastructure had beenhacked. The assistant director spoke without hesitation and went onto emphasize that if cyber criminals want into a network, they canfind away. Naturally the follow-up question is “Why?” or “What do we havethat someone would want?” You have resources. Your network hasthe big three: bandwidth, processors and storage. Bandwidth can be used for spam amongother things; processing power can betapped without notice and used to execute transactions and othercyber mischief; and storage can be usedto place things on your network that criminals do not want to befound on theirs. The combination of the three allows your networkto become part of a “botnet,” a cluster of thousands of computerswith a common command and control center used to target anyone. The going rate in the black market to rent a botnet is about$1,000 per hour. You have intellectualproperty. While it may be surprising that yourbusiness processes, policies, actuarial data and product lines maybe interesting to hackers, foreign nation states, cybercriminal andeven competitors would want this information. History has proventhey want to know how you function so they can build their own—atyour expense. Taking all of this information andincorporating it into their business can save time and effort inbringing similar productions to market, improving their operationswith your processes, or in the case of cyber criminals give them aproduct to sell on the black market. You are the custodian of personalinformation. Not only does this include yourinformation, it also includes personally identifiable information(PII) of your employees, customers and agents. There areunscrupulous competitors out there who want to build a marketingcampaign to specifically target your customers and steal yourmarket share. There is a criminal out there thinking your databasewould provide a perfect target to pull the data out and use it foridentity theft or perhaps spam. So how do we protect ourselves? Today's network defense is no longer “network” defense. Thevalue is now in the data. We can start by knowing where our datais. In today's information-rich culture, data is everywhere.A singular focus is no longer an adequate perimeter defense. Afirewall can certainly help defend some attacks to networkperimeters, but that is not enough. Malicious code can hideundetected inside the legitimate traffic and networks.

Data are always in one of three states: at rest, in use or inmotion. Data at rest are being stored within thetraditional perimeter on servers and workstations, but it is alsoon laptops used by agents, partners and even customers—some ofwhich will require a mobile device of some type. Data inuse are being extracted and manipulated in Web browsersand apps, then sent back through various avenues. When data isin motion, it makes its way across public WiFinetworks and 3G airwaves as well as through satellite and landlinesacross the world. Mobility is considered one of the highest risk access pointsin the threat landscape since most people own mobile devices. It isessential to place some controls on access and usage of thesedevices. Such controls include: Strong passwords: Passwords that expire overa period of time and remember a password history so the samepassword cannot be used repeatedly. Inactivity timeouts: The device should lockafter a short period of inactivity. Device lock-out: The device should lock afterseven failed attempts to access. Wiping capabilities: This involves sending acommand to the device to scrub all of the data remotely. Wiping after failed login attempts could also be an option. Encryption: If the data on the device areencrypted properly, the task of making use of the data is extremelydifficult. Education: Users of these devices that accessdata should be informed of the value and necessary protectionrequired for the data they are carrying. A final consideration regarding “mobile data” is portablestorage. Thumb drives are considered an invaluable tool tocyber criminals. Putting malicious code on a thumb drive anddropping it in a parking lot for an unsuspecting victim to pick upand plug into their network is a simple way to transport Trojancode past a firewall and onto a victim's computer. The code callsto the command and control server on a commonly allowed firewallport, continually morphs itself to avoid detection and replicatesall across the networks. Cyber professionals have to be right100 percent of the time—a cyber criminal only has to get it rightonce. A firewall or any single technology cannot protect datafrom cyber criminals. A solid protection plan requires many layersof technology, education and consistency.