Data Breach Investigation Results Assists Companies in Determine Cyber Threats
Security research on data breach was recently released by Verizon. The report is named the Verizon 2013 Data Breach Investigations Report. The report was compiled from information collected by Verizon about breaches along with cyber incident information from some of the worlds best government security agencies.
“Some organizations will be target regardless of what they do, but most become a target because of what they do. If your organization is indeed a target of choice, understand as much as you can about what your opponent is likely to do and how far they are willing to go.” (2013 DBIR, pg. 48).
According to the report most breaches, 91% occurred from outsiders and only 1% are from implicated business partners. Over 3/4th of these breaches occurred from network intrusions, and exploited weak or stolen credentials. Also 52% used some form of hacking.
There are 3 types of actors/threats external (outsiders), internal, and partners. External threats begin outside the victim organization and its network of partners. Typically, no trust or privilege is implied for external entities. Internal actors come from within the victim organization an Insider who is trusted and privileged.
Partners include any third party sharing a business relationship with the victim organization. Some level of trust and privilege is usually implied between business partners. Now 92% of threats are external in 2012 and 14% are internal. Only 1% are from partners, with that being said do not worry too much about your partners.
Most attacks are from tampering, spyware, backdoor, exporting data, and use of stolen credentials. Malware and hacking are the two leading categories. Malware alters the function of something without the administrator’s permission. Hacking is when someone circumvents your security devices (assuming you already have some).
In the variety of comprised assets desktops are number 2 at 25% and lap tops are number 4 at 22%. These devices are where you store the most secretive or personal data and should be at the top of your list to secure.
When assessing a threat the 4 main questions you should ask yourself are:
- Whose actions affected the asset?
- What actions affected the asset?
- Which assets were affected?
- How the asset was affected?
Knowing the answer to this will reduce your risk of personal information being stolen or used maliciously. Praetorian Secure is a valued added reseller who does security assessments and we offer software such as products that detect malware. Praetorian Secure offers expert external network pen testing and web application pen testing.
See our full list of products at www.praetoriansecure.com/products
Link to The Verizon 2013 Data Breach Investigations Report http://www.verizonenterprise.com/DBIR/2013/