Interesting report by Verizon. Highlights:
- External attacks are up 22% and are now responsible for 92% of losses.
- Insider attack is down 31%. (Finally implementing internal security measures and not just focusing on the perimeter?)
- Victims were not ‘chosen’ because they were large, important or had financial data. They were simply the easiest targets.
- 92% of loss resulted from simple, known vulnerabilities
The conclusions sound a lot like the Gartner report:
“Every year that we study threat actions leading to data breaches, the story is the same; most victims aren’t overpowered by unknowable and unstoppable attacks. For the most part, we know them well enough and we also know how to stop them.”
And here’s the same thing in different wording:
“The latest round of evidence leads us to the same conclusion as before: your security woes are not caused by the lack of something new. They almost surely have more to do with not using, under using, or misusing something old.”
And of course, I like this one because it highlights Automated Vulnerability Assessment:
“SQL injection attacks, cross-site scripting, authentication bypass, and exploitation of session variables contributed to nearly half of breaches attributed to hacking or network intrusion. It is no secret that attackers are moving up the stack and targeting the application layer. Why don’t our defenses follow suit? As with everything else, put out the fires first: even lightweight web application scanning and testing would have found many of the problems that led to major breaches in the past year.”
Basically, your organization already has the security solution that it needs; you’re just not using it.