DATA BREACH – DRILL DOWN
The annual Verizon Data Breach Investigations Report reveals a holistic light on what’s been happening in the world of breach over the past twelve months. A review of the report over the last two years goes further to evaluate shifts in trends and threats during 2010 and 2011. Annually, security experts take a step back to take a hard look at threats and developments that have emerged in an effort to prepare and brace for the future.
Identifying Threat Sources
External sources appear to be the biggest security threat and are more prevalent than in previous years. Companies of all sizes seem to be finally heeding to the reality of security threats by taking necessary measures internally to prevent breaches and reduce risk. More organisations are developing, auditing, and enforcing comprehensive internal strategies including a more stringent approach to user policies in order to lock down access and protect sensitive and unsecured data. With the rise of more efficient security structures, internal threats have decreased from 12% in 2010 to 2% in 2011. 86% of data breaches were perpetrated by external sources in 2010, compared to 98% 2011.
Methods of Data Breaches
Hacking, malware, and a combination of the two are still the most widespread types of tactics used that result in data breaches. Infection vectors in malware spiked 15% from 2010 to 2011, and are an added threat to watch out for more conscientiously.
Again organisations appear to have become more aware of threats by putting the necessary security protocols in place with a reduction in the number of internal and physical attacks. In 2010, 29% of breaches were a result of physical attacks, this dropped to just 10% in 2011 and is expected to be lower again 2012. Concurrently, privilege misuse comprised of 17% of breaches in 2010, but just 5% in 2011.
A snapshot of some security challenges that saw little to no change between 2010 and 2011:
Effective Breach Containment
On a more positive note, breaches were contained quicker in 2011 - 34% of breaches were contained within days of being known in 2010 while this rose to 42% in 2011 which shows that companies are becoming better prepared to deal with breaches through more efficient security planning and reactionary measures.
Looking ahead, it’s important to remember the seriousness and implications for an organisation once it has experienced a breach. With the prevalence of data being stolen and lost, security and data protection is at the forefront of business agendas. What’s evident from this latest review is that prevention is better than cure and it appears that the general mind set is shifting in its approach to protecting sensitive data. It’s also a bit unnerving that most of the breaches in recent years could have been prevented with simple security measures and countermeasures. In an effort to develop a more comprehensive approach to minimising data risk and improve security measures, businesses need to consider the following proactive components to data protection:
- Enterprise visibility to understand and identify data entities that contribute to risk threats and vulnerabilities
- Ability to take required action to classify, remediate and consistently protect valuable data
- Continuous monitoring through automated risk assessment and review
Through adapting a broader based security practice with an ongoing process of auditing to ensure that critical data assets and procedures are continuously evaluated, risks can be minimised and valuable information efficiently safeguarded against the threat of breach.
Original Article Sources: