The latest edition of Trustwave Holding’s annual global security report shows a shattered block on the cover representing a broken firewall. And rightly so – the volume of data breach investigations the company handled last year was up 54 per cent over 2012. Here are the highlights of what the company found and recommendations on how to brace up that wall. Images from Shutterstock.com.


Bull’s eye on retail
As expected in the year when Target was the target of a massive POS theft, retail was the most-compromised industry around the world (35 per cent of attacks Trustwave investigated). E-commerce sites made up 54 per cent of the victims, with one-third of all attacks POS-related.


It’s not only money
While criminals want credit/debit card numbers, note that 45 per cent of thefts also involved non-payment card data — sensitive and confidential information such as financial credentials, internal communications, personally identifiable information and various types of customer records.


Java, passwords are killers
How do they get it? Eighty-five per cent of exploits relied on problems with third-party plug-ins, including Java, Adobe Flash, Adobe Acrobat and Adobe Reader. A staggering 78 per cent of exploits took advantage of Java vulnerabilities. Weak passwords open the door for the initial intrusion 31 per cent of the time.


Keep your eyes open
It’s vital your staff – IT or line of business – be aware of the possibility of a breach every day and report suspicions immediately. Why? Trustwave found the median number of days it took organizations that self-detected a breach to shut the hole was one day, whereas it took organizations 14 days to contain the breach when it was detected by someone outside the organization. Still, the median number of days from initial intrusion to detection was 87 days.

Defence 1: Educate
Up-to-date technology helps, but so do non-tech solutions: Educate employees on best security practices, including strong password creation (seven mixed characters/numbers, or phrases with 8 to 10 words, two-factor authentication) and awareness of social engineering techniques like phishing.


Defence 2: Secure your data
Don’t lull yourself into a false sense of security just because you think your payment card data is protected. Assess your entire set of assets—from endpoint to network to application to database. Any vulnerability in any asset could lead to the exposure of data. Combine ongoing testing and scanning of these assets to identify and fix flaws before an attacker can take advantage of them.

Defence 3: Test
Model the threat and test your systems’ resilience to it with penetration testing. Pitting a security expert against your network hosts, applications and databases applies a real-world attacker’s perspective to your systems. A penetration test transcends merely identifying vulnerabilities by demonstrating how an attacker can take advantage of them and expose data.


Defence 4: Prepare for bad news
Think you’re ready? There’s one more thing to do — plan your response for a breach. Develop, institute and rehearse an incident response plan. Identify what sorts of events or indicators of compromise will trigger your incident response plan. A plan will help make your organization aware of a compromise sooner, limit its repercussions and shorten its duration.



Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com