The news of massive data breach at Anthem Inc., acts as a warning signal for enterprises across the globe irrespective of the industry type. The reports showcase that the Health Insurer, Anthem Inc., suffered this massive data breach as hackers gained access to their corporate data base. For this globally widespread enterprise with a client lists running into millions, the affected data reportedly contained personal information of around 80 million of their US customers and employees.
The top level executives at the organisation agree to the fact that they have been a target of the attack by cyber criminals who gained unauthorized access to their IT system. However, based on digital forensics investigation reports, they are positive that no credit card data or medical records have been compromised. Nevertheless, the breach of 80 million data as per records is the biggest in history that brings to fore, today’s need for deploying industry-standard “sophisticated” defences. Encryption of data is a critical aspect to secure accessibility of any corporate database.
While this is nightmare for the affected individuals, is not a lone case. Other recorded incidents include
- Data breach at Montana Dept, of Health and Human Services where hackers gained access to a server leading to an estimated 1.3 million affected individuals.
- Breach at Community Health Systems Inc., which exposed the personal data of an estimated 4.5 million people.
With continuing data breaches, information security has attained critical importance across enterprises. An essential proactive step is to assess your assets and estimate the level of risk with key assets. Following this with an assessment of the security controls would have helped Anthem identify the gaps and plug those gaps with appropriate remedial measures. Tools like Aegify helps organization to assess their security, risk, and compliance posture and to help them take proactive measures to fix the security lacunae.
Aegify services, offered as a cloud-based model, includes all security and IT GRC functions. Equipped with a built-in compliance framework that supports HIPAA, RBI, NSE, BSE, MCDEX, PCI, ISO, COBIT, FISMA and other country based ones, Aegify also has advanced alert and monitoring systems that makes it a complete end-to-end automation solution for all security, audit, compliance and risk management needs of an enterprise.