The most popular and comprehensive Open Source ECM platform
Verizon has published for the fourth year in a row a comprehensive report on the state of data breaches. The report surveys the number and types of data breach incidents that occur and also provides useful information to both small and large organizations for how to better protect themselves from unauthorized entries and data loss. The report tallies 855 incidents in 2011 for a total of 174 million compromised records.
The Verizon report is long and detailed. A good starting point and summary of many of the findings from the report is the Securosis Blog which identifies five major trends discussed in the report:
- Small organizations tend to be hit hardest and the most frequent significant loss for the target organizations is credit card information
- Large organization have security in place to be resistant to the types of simplistic attacks that ensnare many smaller organizations, but because of their size, large organizations tend to be targets, and often-time victims, of much more sophisticated attacks
- Large organizations have been hit hardest by ‘Hactivism’ or mega-breaches accounting for the loss of large numbers of records
- The top three points for gaining unauthorized access are:
a. Remote access via channels like VPN and remote desktop
b. ’Backdoor’ exploits
c. Outward facing web applications
- Malware is involved with about two-thirds of exploits
Surprisingly, the Verizon report found that, as of yet, data breaches that exploit mobile access are still relatively insignificant in size, although this is likely to grow.