Cybercrime targets smaller organizations

A recent Data Breach Investigation Report (DBIR) from Verizon notes that 98% of data breaches stemmed from external sources using hacking techniques (81%) and malware (69%).  About 79% of the data breaches were directed at “targets of opportunity”, typically smaller organizations that are vulnerable through an “exploitable weakness”; most attacks were performed using relatively unsophisticated methods.

Of the breaches investigated, 94% involved computer-network servers; 85% took weeks or longer to discover.  Of those discovered, “97% were avoidable through simple or intermediate controls”.

Wade Baker, Verizon’s security research director, told London’s The Inquirer that cyber-criminals target small and mid-sized organizations since larger enterprises are well defended.

Basic suggestions:

  • Scan emails for malware and threats
  • Require complex passwords that change frequently
  • Restrict access-control and review event logs periodically
  • Deploy a physical firewall and maintain/update it periodically
  • Restrict web-surfing, especially on computers with access to sensitive data
  • Install malware-prevention software, update it continuously, and scan often
  • Train employees on proper security policies and common threats

(Note: These are areas where Bryley Systems can help; please call us at 978.562.6077 or email Info@Bryley.com.)

See CSO’s Thwarted by Security at enterprises, cyber criminals target SMBs for comments and suggestions.

 

Visit http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf  summary.