Web Design

Your content goes here. Edit or remove this text inline.

Logo Design

Your content goes here. Edit or remove this text inline.

Web Development

Your content goes here. Edit or remove this text inline.

White Labeling

Your content goes here. Edit or remove this text inline.

VIEW ALL SERVICES 

Discussion – 

0

Discussion – 

0

2012 Data Breach Investigations Report

Verizon has published its 2012 data breach investigations report. This years report is a result of analysing 855 incidents, 174 million compromised records and it represents a broader and more diverse geographical scope.

Some key points from the executive summary of the report

Who is behind data breaches?

  • 98% stemmed from external agents (+6%)
  • 4% implicated internal employees (-13%)
  • <1% committed by business partners (<>)
  • 58% of all data theft tied to activist groups

How do breaches occur?

  • 81% utilized some form of hacking (+31%)
  • 69% incorporated malware (+20%)
  • 10% involved physical attacks (-19%)
  • 7% employed social tactics (-4%)
  • 5% resulted from privilege misuse (-12%)

What commonalities exist?

  • 79% of victims were targets of opportunity (-4%)
  • 96% of attacks were not highly difficult (+4%)
  • 94% of all data compromised involved servers (+18%)
  • 85% of breaches took weeks or more to discover (+6%)
  • 92% of incidents were discovered by a third party (+6%)
  • 97% of breaches were avoidable through simple or intermediate controls (+1%)
  • 96% of victims subject to PCI DSS had not achieved compliance (+7%)

Where should mitigation efforts be focused?

Smaller organizations

  • Implement a firewall or ACL on remote access services
  • Change default credentials of POS systems and other Internet-facing devices
  • If a third party vendor is handling the two items above, make sure they.ve actually done them

Larger organizations

  • Eliminate unnecessary data; keep tabs on what.s left
  • Ensure essential controls are met; regularly check that they remain so
  • Monitor and mine event logs
  • Evaluate your threat landscape to prioritize your treatment strategy
  • Refer to the conclusion of this report for indicators and mitigators for the most common threats

You can read the full report here

Binoy KL

0 Comments

You May Also Like