

Data breaches loom in the face of business transformation

08 May 2013

The move to cloud applications, ever-present mobility, Big Data and an escalating set of complex cyber-attack vectors and malware are all conspiring to overwhelm security professionals, leaving the door wide open to data breaches at many businesses.

“Cybersecurity threats are increasing as quickly as businesses can implement measures against them. At the same time, businesses must embrace virtualization and cloud, user mobility and heterogeneous platforms and devices,” Trustwave noted in the executive summary of its 2013 Global Security Report. “They also have to find ways to handle and protect exploding volumes of sensitive data.”

When it comes to who is most at risk, Trustwave found that retail businesses and their sensitive data are back in the crosshairs in a major way. For the first time in three years, the retail industry made up the highest percentage of data-breach investigations, accounting for almost half (45%). The food and drink industry (24%) came in second, with hospitality rounding out the top three (9%).

Where should companies focus their defense efforts? The report found that web applications have emerged as the most popular attack vector for data siphoning. E-commerce sites were the No. 1 targeted asset, accounting for 48% of all investigations. Even so, for many, basic security measures are still not in place. “Password1” is still the most common password used by global businesses. Of three million user passwords analyzed by Trustwave, 50% of users are using the bare minimum.

Social engineering remains a big part of the infection puzzle as well. Trustwave found that even though spam volume is declining, the impact on business is not. Spam volume shrank in 2012 to a level lower than it was in 2007, but spam still represents 75.2% of a typical organization’s inbound email. Most importantly, Trustwave found nearly 10% of spam messages to be malicious.

And then there’s mobility. As organizations embrace mobility, mobile malware continues to be a problem for Android, with the number of samples in Trustwave’s collection growing 400% in 2012.

Amid all of this is the fact that corporate IT departments are overwhelmed. More responsibility now falls onto security staff to stay on top of zero-day attacks, for instance, because software developers vary greatly in their ability to respond to and patch zero-day vulnerabilities. In this study, the Linux platform had the worst response time, with almost three years on average from initial vulnerability to patch.

So, many are embracing an outsourced IT operations model. This too presents big issues: in 63% of incident response investigations, a major component of IT support was outsourced to a third party. Outsourcing can help businesses gain effective, cost-friendly IT services; however, businesses need to understand the risk their vendors may introduce and proactively work to decrease that risk, Trustwave noted.

It’s no wonder then that businesses are slow to “self-detect” breach activity. Trustwave found that the average time from initial breach to detection was 210 days, more than 35 days longer than in 2011. Most victim organizations (64%) took more than 90 days to detect the intrusion, while 5% took a staggering three or more years to identify the criminal activity.

“The combination of business and IT transformation, compliance and governance demands and the onslaught of security threats continues to make the job of safeguarding data assets a serious challenge for organizations of all types – from multinational corporations to independent merchants to government entities,” noted Trustwave.

Bottom line? IT departments may be overtaxed, but the very real threat of data breach activity should compel businesses to do something about it.




Jamie@Dell says:

09 May 2013
It's sad that "Password1" is still the most commonly used password. Establishing identity and access management policies around things such as passwords and then kicking off recertification checks for business managers to verify the list of employees who currently have access to the organization's high-risk data can help to reduce some of the risk. It's not uncommon for end-users to have inherited access to data via group membership or even still have it from a previous role. In those cases where they no longer need it (nor should they have it), a recertification check could identify and close those potential entry points.

Jamie Manuel - Dell Software
