A group of experts has issued another call for infosec pros to focus on implementing basic IT security protocols if they want to reduce the growing number of breaches of security controls.
“What is very clear is that there are too many cyber incidents creating an unacceptable level of financial impact,” says the annual analysis of cyber security incidents for the previous year by the Online Trust Alliance, which was released Tuesday. “Addressing these threats comes back to a basic set of core best practices that require discipline to implement and maintain.”
“As in past years, OTA found most breaches could have been easily prevented,” the group said in a news release accompanying the report. It believes that in 2018, 95 percent of all breaches could have been avoided through simple and common-sense approaches to improving security.
Part of the Internet Society, the alliance promotes best security and privacy practices.
The report draws conclusions from examining a number of publicly available threat intelligence reports for 2018 from Risk Based Security, the Identity Theft Resource Center, the Privacy Rights Clearinghouse, DLA Piper, Symantec, the FBI, and others.
It points out trends that others have spotted: ransomware attacks seem more focused on organizations than individuals; distributed denial of service attacks were down; and attacks on organizations' supply chains, business email compromise, and credential stuffing were up.
“While it’s tempting to celebrate a decreasing number of breaches overall, the findings of our report are grim,” said Jeff Wilbur, technical director of the OTA. “The financial impact of cybercrime is up significantly and cybercriminals are becoming more skilled at profiting from their attacks. So, while there may be fewer data breaches, the number of cyber incidents and their financial impact is far greater than we’ve seen in the past.”
Among the lessons to be learned from the biggest breaches of 2018 are the importance of ensuring that third-party access to organizations is secure, the need for ongoing diligence in monitoring for vulnerabilities and unauthorized access, and the need to keep only necessary data and secure it properly.
However, the real heart of the report is three pages of guidelines:
- A list of 10 core cyber readiness principles, starting with the principle that responsibility for incident protection and readiness is organization-wide, not just IT, and ending with the need to be transparent in the event of a security incident.
- A 12-point checklist for IT leaders to lean on if they want guidance on what to do, starting with complete risk assessments for executive review, operational process and third-party vendors, and ending with understanding the regulatory requirements, including relevant international requirements.