This morning we were informed that Starwood Hotels and Resorts had a breach. Someone had gained unauthorised access to their database and network. This has been ongoing since 2014 without their knowledge.
The persons who had done this now have information about aprox 500 million guests. This including full name, telephone numbers, addresses, gender, age, passport numbers, SPG account numbers, arrival and departure information and probably the encryption keys for the credit card numbers.
It’s now an ongoing investigation.
This once again proves the importance of security of the whole network. Perimeter, Secure Switching (internal network), Mail Protection, Sandboxing, Ddos protection, proxies, SIEM. Analyse behaviour of users.
How to handle data at rest, data in use, data in transit (DLP). And also lightweight endpoints.
To have as many of this components in place will give you a much greater chance to visualise the unknown and protect yourself to the known threats.
The most innovative and leading security software companies today have all these components. The components also are able exchange data/information with each other. This building a greater knowledge of the critical parts of the network. Stop and analysing the threats wherever they will be discovered first.
It’s time for alla companies to step up. To be interested in the new technology and think about the architecture. Priorities security. Get help from professionals. Ask yourself, what if?
Let’s hope for a better 2019!
More info about the breach here: