An Intrusion Prevention System ( Anthem )

1282 Words6 Pages
With another breach hitting the news (Anthem), I often wonder when companies will learn a lesson, a right lesson even. What I found fascinating about the recent Anthem breach, was that it was an employee of Anthem that discovered that something was wrong. Not a firewall, not an intrusion prevention system, not an intrusion detection system, not a web application firewall, or any other of the dozens of technologies I could mention. According to news reports [1], a database administrator noticed queries made with his/her account, that they never made. The employee reported it, and the trickle effect occurred spurring the notification of Anthem being breached. Kudos to the alert employee, and shame on the technology that failed Anthem. That in itself - “shame on the technology” - was not a fair statement but was somewhat meant to get your attention. Did it work?

For all of the technology corporations throw into an infrastructure to prevent, mitigate, detect, and or correct breaches, why is it that so many are failing? I could quickly point a finger at any vendor, product, or technology but the reality is, and will continue to be, people failed. The thought processes from the professionals whose task it is to secure an infrastructure often lag so far behind the curve I wonder if many are fit to associate the word security in their profession. It will not matter what technology is put in place if the threats are not fully understood. This in itself is also a problem the

More about An Intrusion Prevention System ( Anthem )

Get Access