Cyber hacking to advance political or social causes has seen a dramatic rise, but the ”Verizon 2012 Data Breach Investigations Report“ found that 97 percent of the attacks were avoidable, without the need for organizations to resort to difficult or expensive countermeasures.
For our story on the report, see: Hactivism sees dramatic rise
Here’s Verizon’s recommendation for keeping hactivists and cyber criminals out of your network.
Recommendations for Enterprises
- Eliminate unnecessary data. Unless there is a compelling reason to store or transmit data, destroy it. Monitor all important data that must be kept.
- Establish essential security controls. To effectively defend against a majority of data breaches, organizations must ensure fundamental and common sense security countermeasures are in place and that they are functioning correctly. Monitor security controls regularly.
- Place importance on event logs. Monitor and mine event logs for suspicious activity – breaches are usually identified by analyzing event logs.
- Prioritize security strategy. Enterprises should evaluate their threat landscape and use the findings to create a unique, prioritized security strategy.
Recommendations for Small Organizations
- Use a firewall. Install and maintain a firewall on Internet-facing services to protect data. Hackers cannot steal what they cannot reach.
- Change default credentials. Point-of-sale (POS) and other systems come with pre-set credentials. Change the credentials to prevent unauthorized access.
- Monitor third parties. Third parties often manage firewalls and POS systems. Organizations should monitor these vendors to ensure they have implemented the above security recommendations, where applicable.
The DBIR can be downloaded in full at: www.verizon.com/enterprise/2012dbir/us
- What will the real cyber security threats be in 2013?
- Are your employees ignoring security rules?
- Hactivism – cyberhacking for political or social purposes seeing dramatic rise
- Many security pros expect cyber attacks on their organizations
- Dramatic changes ahead for cyber security in 2012
© 2012, TechJournal. All rights reserved.