SAN DIEGO, Jan. 23, 2014 -- DB Networks, an innovator of behavioral analysis in database security, today announced that it delivers the behavioral analysis and continuous monitoring of databases at the core of the network that can help organizations avoid high-profile breaches, such as those publicized at Target and Neiman Marcus, which result in the loss of customer data and the retailers’ reputations.
While details are still being gathered, the findings of the high-profile breach at Target revealed that hackers stole not only 40 million credit cards but also breached database records with personally identifiable information (PII) of at least 70 million customers, including names, mailing addresses, telephone numbers and email addresses. While not uncommon, the revelation of other similar breaches over the holidays has brought the protection of customer data to the forefront. Details common across breaches such as these include the loss of customers’ PII over a period of time, sometimes as a result of a database exploit. The largest known breach at a U.S. retailer was in 2007 at TJX Cos Inc., where more than 90 million credit cards were stolen over approximately 18 months.
“Retailers have not come clean on all the facts of these attacks, but in Target’s case it appears an internal database was accessed and customer data was stolen over time,” said Brett Helm, CEO of DB Networks. “The scope of these breaches is truly shocking -- this is a wakeup call that organizations need to get serious about their information security. The fact that breaches are perpetrated over such a long period of time is truly unconscionable in this day and age. Real-time monitoring of database traffic and alarming when rogue commands are detected can dramatically limit the scope of such a breach.”
DB Networks’ IDS-6300 intelligent security appliance is the industry’s first next-generation Core Intrusion Detection System (IDS). The IDS-6300 is the industry’s first Core IDS that combines behavioral analysis and advanced continuous database communications monitoring, helping organizations avoid and be instantly alerted to database attacks, including advanced and Zero-Day SQL injection attacks. The solution also addresses specific compliance requirements within regulations such as PCI DSS, HIPAA, GLBA, and NIST spec 800-53.
In addition to highlighting the need for enhanced security solutions that provide continuous monitoring and core network threat detection, the recent breaches at organizations such as Target and Neiman Marcus emphasize another critical information security issue. The details of these security breaches are not shared in a timely manner or with sufficient details to facilitate improvements to security systems. Retailers claim shoppers’ credit card information and PII are once again safe simply to lure back shoppers, but without the chance for security fixes these types of massive exploits will continue. (continued...)