How’s Your Security Posture? Exhausted Probably
The number of corporate data breaches has reduced for the first time in five years, according to recent reports. I don’t know, should we believe it? I wonder, if we ignore the problems created by cybercriminals, will they just fade away? I kind of doubt it. If it were true, it would be welcome news to those enterprise security teams that find themselves overwhelmed.
Findings in a new Osterman report included the following statistics, which just don’t jive with the statement that security breaches are decreasing. See if any apply to you.
- “Cryptocurrency mining on endpoints increased by 8,500 percent during 2017 and the trend is accelerating: one vendor found that the deployment of illicit crypto mining scripts grew by 725 percent during a four month period ending in January 2018.
- The practice of injecting malware into software updates increased by 200 percent during 2017.
- The number of web application vulnerabilities increased by 212 percent in 2017, and more than one half of these vulnerabilities have a public exploit that hackers can use.
- There was a 54 percent increase in mobile malware during 2017.
- In February 2018, there was one phishing attempt in every 3,331 emails and one piece of malware for every 645 emails. That means that in an organization of 500 email users who receive a median of 100 emails per day, the security infrastructure will receive 15 phishing attempts and 77 pieces of malware each day.
- While the massive ransomware campaigns we saw in 2015 and 2016 have abated to some extent, we continue to see targeted ransomware campaigns focused on specific industries like healthcare and government, among others.
- Moreover, the number of ransomware variants continues to increase: one source found a 74 percent increase during the 13 months ended February 2018.
- While spam is today less of a problem than it was several years ago, the one year period that ended in March 2018 saw an overall increase in the volume of spam traversing the Internet, with enormous spikes occurring in early 2018.”
The report continued, “Security teams must deal with all these issues, in addition to the everyday problems of rootkits, bootkits, adware, overwriting viruses, bots, software bugs, keyloggers, password-stealing Trojans, backdoors, and dumb user mistakes.”
We can help with the identification of privacy or sensitive information in your content and emails, which, according to those statistics, are hot buttons.
For example, one of our clients, with over 24,000 employees scattered across the world, found that country privacy mandates were spiraling out of control and compliance was becoming haphazard. End users could not be depended upon to accurately tag content that needed protection. And third-party access to sensitive and confidential information was an unsettling unknown.
Our solution enabled this organization to effectively protect its personal and sensitive information. Vulnerabilities are now identified in real time, protected from portability, and immediate notification sent to appropriate personnel for disposition. You can find details in the Eliminating One Source of Data Breaches case study.
Please reach out to us, if managing unstructured data is a problem for you.