4 April 2013

A CONSOLIDATED VIEW ON DATA BREACHES IN 2012 - PART 2...

It seems that many of you found my previous post of interest, so as promised, here’s the second part. But first, let’s all have a look at this 2min 48s video: Security Threats by the Numbers from the Cisco 2013 Annual Security Report. Unsurprisingly, the Trustwave GSR highlights that e-commerce sites were the most targeted asset, accounting for 48% of all investigations...

31 March 2013

A CONSOLIDATED VIEW ON DATA BREACHES IN 2012 - PART 1...

It’s that time of year again where we try to make sense of all the new research and statistics. Today, I give you the Trustwave 2013 Global Security Report which analyses 400 data breach investigations (compared to 300 in 2011) across 29 countries (compared to 18 in 2011). Unsurprisingly, 96% of the breaches involved the theft of customer records (payment card data, PII, email addresses), compared to 89% in 2011. Closer to home, this is confirmed by the CIFAS Fraudscape report published in March 2013, where, whilst total fraud in the UK only showed a 5% increase since 2011, abuse of identity fraud increased by a whopping 17.1%, correlating to the Trustwave report showing that out of all client-side attacks observed, 61% targeted Adobe Reader users via malicious PDFs, clearly pointing to social engineering.

27 February 2013

WILFUL BLINDNESS AND WISHFUL THINKING...

Yesterday, an article on CBS Money Watch caught my eye: Businesses deluded about threat of cyber attack. The article was a short introduction to a recent survey conducted by Deloitte. And isn’t it spooky that the same old things keep cropping up everywhere?...
Unsurprisingly, the Deloitte report highlights that 88% of the businesses surveyed believe that they are not really at risk. As you would expect, they also identify lack of employee awareness and third party risks as top security vulnerabilities (46% of organisations don’t evaluate the security and privacy practices of vendors before sharing sensitive or confidential information, according to a recent Experian/Ponemon survey). If you’re not already fed up with trend predictions, see earlier blog post for my 2013 predictions.
But for me, these were not the most interesting points of the study...

28 January 2013

GAZING AT 2013: THE RIGHT FOCUS AND THE RIGHT LANGUAGE...

Well, it’s the New Year, and I wish you all the best for a fantastic 2013! I can’t believe my last post was in November! And it’s already the end of January! So I thought I’d get in quickly with my two pennies’ worth of crystal ball gazing before it becomes unfashionable... What did we learn from 2012? Are there any interesting market trends? How does it affect security? What is the current state of information security and how is it shaping up? Are we getting any better? If any of these questions spark your interest or if you’d just like to see if my Nostradamus impression has something in it, read on...

18 November 2012

DON'T ACCEPT SWEETIES FROM STRANGERS...

[Updated 17th March 2013] Hello everyone! It’s been a long time since I wrote on this blog and I have to say, there have been so many interesting things happening that I haven’t really been able to make my mind up on what to talk about... What spurred me into action was a combination of various industry discussions and security conferences, the fact that lots of us are busily preparing for the festive season (or wishing they were!) and that all the children in my life are SO technically savvy...

6 August 2012

INFOGRAPHIC: THE SOCIAL MEDIA SIDE OF INCIDENT RESPONSE...

It seems that my previous post on the social media side of incident response attracted some attention and I thank everyone for their feedback. This prompted me to explore the brave new world of infographics... So here we go, my first foray into what is for me uncharted territory. I've used Piktochart and I found it an excellent tool which means that anything you find lacking is of course entirely my fault rather than the tool itself. Your feedback, as ever, will be greatly appreciated!