Though it might be most famous its binge-watch streaming service, Netflix has produced open source tools that can protect businesses from data breaches and DDoS attacks.
According to The Register, Netflix has three tools – Sketchy, Scumblr, and Workflowable – that it uses to monitor the Web for potential attacks on its servers. How do they work?
Hackers on social media sites like Twitter, Facebook, and underground forums often talk about attacks before they occur (either in code or out in the open). These tools perform periodic sweeps of the Web, looking for suspicious conversations. If your site shows up in hacker conversations, the tool flags it and sends you a screen grab of the social media discussion (so you won't have to visit any underground sites).
Let’s take a look at how Netflix's security software can be a useful new tool for IT consultants.
Why Netflix's Open Source Security Software Is Good for the Little Guy
Many small businesses simply don't have the resources to invest in top-of-the-line security software – a service like FireEye can cost 4- to 6-figures. When Netflix releases its own tools as open source software, small businesses suddenly have access to software with some serious muscle.
The nice thing about tools like this is that they are automated. You can set the scanning tool to run at scheduled intervals or you can manually run it whenever you want. You can also customize which forums and Web venues it sweeps for suspicious activity.
You might be wondering whether hackers actually talk about their attacks before they perpetrate them. In fact, they do. According to PC Mag, in a recent attack that brought down a series of gaming sites via DDoS, hacker clan Lizard Squad boasted on Twitter, “We're putting a bunch of lizards in the pipes on their way to Sony.” Sure enough, the PlayStation network went down shortly thereafter.
The bravado that goes along with hacking culture leads some hackers to tip their hand before they actually attack.
IT Liability Roundup: What You Need to Know to Protect Your Business
When a client is hacked, you can be sued for failing to prevent the attack and not taking sufficient measures to secure their network. That's why it's important to keep track of new tools that make it easier to fight cyber attacks.
Data-monitoring tools like this were once only available to businesses with the resources to spend thousands on network security. When new methods become financially feasible for your clients, see if they add anything to your clients’ security.
As you look for ways to improve your clients’ network security, keep the following in mind:
- There's insurance for your risk. You're not in this alone. Errors and Omissions Insurance (also called Professional Liability Insurance) can cover the cost of cyber attack / data breach lawsuits. Avoid lapses in this coverage because you’ll only receive benefits for old IT projects if your coverage is continuous.
- Stay up-to-date with new attacks and ways to prevent them. On this blog, we've covered how hackers have changed their attacks over the last year, e.g., targeting small businesses more carefully with phishing attacks. We've also seen growth in malware attacks, POS system remote-access hacks, and DDoS attacks. In order to avoid liability, you need to adapt your strategy as hackers adapt theirs.
- Teach your clients Cyber Security 101. Clients need to understand the importance of updating software, using the Web securely, and handling basic day-to-day security issues.
To learn more about shielding your business from cyber liability, submit an IT insurance application to receive free insurance quotes for Errors and Omissions Insurance.