DZone
Performance Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > Performance Zone > What’s the Real Lesson of Data Breaches?

What’s the Real Lesson of Data Breaches?

The bad guys will continue to find a way to steal valuable data, but RASP is proving to be far more effective at mitigating risks where the biggest risks reside – with your applications.

James Lee user avatar by
James Lee
·
May. 26, 16 · Performance Zone · Analysis
Like (1)
Save
Tweet
3.30K Views

Join the DZone community and get the full member experience.

Join For Free

From the Board Room to IT cubicles, security professionals are pouring over the latest wave of reports showing the pace of data breaches isn’t slowing. In fact, UK-based Juniper Research projects the global economic impact of cyber crimes will grow to $2.1 trillion in the next three years. That’s not a typo – TRILLION, with a T.

Reports from Cisco, Dell, Verizon, Google, AT&T, IBM and others paint a similar picture and it is not museum quality art. It’s ugly. For instance:

  • 85% of successful exploits involve the Top 10 known vulnerabilities that have never been patched despite fixes being available for months or years.- Verizon
  • Healthcare is now the largest target of attacks, passing financial services – IBM
  • WordPress websites saw a triple digit increase in successful attacks: 221% – Cisco

The news doesn’t get better when you look at 2016 data through early May. According to the US-based Identity Theft Resource Center, data breach reports are up 40% over 2015’s pace – a record-setting year for the compromise of business and consumer records.

All of this begs a very simple question: With tens of billions of currency invested in cyber security each year, why does this continue to happen?

Like most simple questions, there is not a simple answer. From human behavior (we’re hard-wired to answer questions even if it means compromising security) to an over-reliance on traditional solutions (most attacks are aimed at the application level, but most of the resources are tied to network defenses), organizations simply cannot keep pace with those who would steal our treasure or do us harm.

A part of the solution is to rapidly shift attention to emerging technologies instead of aging defenses that can (obviously) be easily defeated, are difficult to install/operate and create as many issues as they solve. Web Application Firewalls (WAFs), I’m looking at you.

New technologies using virtualization – Runtime Application Self-Protection or RASP, for example – solve many of the issues inherent in the current generation of application security products. No false positives, no added appliances, no tuning, no code changes, and little to no performance overhead. No need to grind everything to halt to add the latest Java Critical Patch Update – you can apply the update using virtual patching in minutes instead of days, weeks or, as Verizon noted above, months or years.

Data (computing) Application security

Published at DZone with permission of James Lee. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • 3 Pieces of Bad Advice on How to Keep Your IT Job
  • Maven Tutorial: Nice and Easy [Video]
  • Creating Event-Based Architecture on Top of Existing API Ecosystem
  • Adaptive Change Management: A DevOps Approach to Change Management

Comments

Performance Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo