In light of all of the attention now focused on cyber threats thanks to President Obama’s recent Executive Order, and a seemingly unending stream of news about the grow of denial of service attacks and other types of hacks and security breaches, we are starting to get some interesting quantification about various security issues. The latest is a report from Trustwave, a leading provider of cloud-based compliance and information security solutions, who has released the key results from its 2013 Trustwave Global Security Report.
The report highlights details and trends from more than:
It is also based on extensive research and analysis of zero-day security threats. This is real data, analyzed by industry experts at the company and noted surveys.
Sobering developments on the targeting front
At the risk of being the bearer of some not-so-great news, the findings from this year’s analysis should raise the antenna of quite a few companies is critical industries. For example:
“Cyber-criminals will never stop trying to compromise systems to obtain valuable information such as customer and private user data, corporate trade secrets and payment card information,” said Robert J. McCullen, Chairman, CEO and president of Trustwave. “This year’s Global Security Report pulls back the curtain revealing how breaches happen and how potential victims around the world can protect themselves so that they stay one step ahead and eliminate potential security threats. After reading this report, businesses and government agencies will be one step closer to building a comprehensive security strategy to reduce risk, protect data and safeguard their reputation.”
The bad guys have been active
The final report will run roughly 70 pages, but Trustwave has put out a rather extensive and thought-provoking summary of the highlights that need to be carefully considered and are good reason to get the full report when it is available. These include:
“Businesses should take a step back and re-evaluate their security posture,” added McCullen. “All developers, particularly in the e-commerce industry, should implement a full lifecycle security plan that includes thoroughly educating themselves and their employees, equipping themselves with the best tools to protect themselves against attacks and making sure they are using the most reliable resources for zero day detection.”
Trustwave as a result of its findings has six security recommendations for this year.
1. Educate employees
2. Identify users
3. Register assets
4. Protect data
5. Unify activity logs
6. Visualize events
Much of this is just common sense and good practice since you don’t know what can hurt you until you know what you have that can be hurt. That said, the last two items are important. The unification of activity logs across an enterprise from siloed databases is on a smaller scale what the executive order is attempting to do for homeland security, i.e., share data. That is actually a good segue into the visualization of events recommendation. Security must be not just about being reactive, but in a real-time world where the frequency and sophistication of attacks is increasing, being able to have what the military calls “situational awareness” is also important. It allows enterprises to not just more responsive when under attack but proactive in anticipating and being prepared for what might come.
The 2013 Trustwave Global Security Report will be available to the public prior to the RSA Conference in San Francisco, February 25. You can sign up to receive a complementary digital copy of the report when it becomes generally available at: https://www.trustwave.com/2013GSR
This last weekend I was at the IndyCar race in Sonoma to see Verizon and Qualcomm showcase LTE Broadcast-I also wanted to see the race. I've watched N…
Last week was the anniversary of Windows 95, which was actually a life-changing launch for me. I'd just started out as an analyst, and Windows 95 was …
It is now possible to perform 3D scanning from a smartphone, without additional hardware or an Internet connection, thanks to a new Microsoft Research…
Word is that Amazon is scaling way back on its consumer devices efforts, having let go of dozens of Lab126 engineers who worked on its Fire phone, acc…
The hype around 4K Ultra HD video is growing and we're seeing it gain traction in real ways. From the NFL Network and CBS using 4K cameras to capture …