A Report on 2014 Global Security Data Breaches

The Online Trust Alliance (OTA) has analyzed more than 1,000 data
breaches from 2014 and concluded that as many as 90% of them could have
been easily prevented.
The OTA studied data breaches from 2014 that involved the loss of
personally identifiable information (PII) and found that those breaches
could be attributed to one of four causes: 40% by external intrusions;
29% by employees, either accidentally or maliciously; 18% by lost or
stolen devices or documents; and 11% by social engineering or fraud.
According to the OTA, 90% of these data breaches could have been easily
avoided by strengthening internal controls. "Businesses are overwhelmed
with the increasing risks and threats, yet all too often fail to adopt
security basics," said Craig Spiezle, executive director and president
of OTA. To help organizations with those security basics, OTA has
released two companion guides: one covering security best practices and
controls, and one for security risk assessment. The best practices
suggestions include detailed tips for 12 "critical yet achievable"
security items, like enforcing effective password management policies,
conducting regular penetration tests and vulnerability scans,
implementing a mobile device management system (MDM), and developing,
testing and refining a data breach response plan.
The guide for security risk assessment aims to help organizations follow
industry and regulatory best practices, and follow the four general
steps to risk assessment: threat assessment, vulnerability
identification, risk determination and control recommendation. OTA plans
to present these guides and research findings in a series of three "town
hall" meetings scheduled in Silicon Valley, Calif., on Jan. 28; New York
on Feb. 3; and Washington D.C. on Feb. 5. The events will include
sessions featuring leaders from the FBI, Secret Service, the New York
and California Attorney General's office, Twitter and more, and will
cover major data breaches from the past year, including those impacting
Sony and Home Depot.

2015 Statistics so far
Abuse Distribution by Categories

[Figure: Overview for ITU Regions]
[Figure: Monthly Overview]

Reference: http://www.impact-alliance.org/

NEW BRAIN DECODER COULD BOOST NEUROSCIENCE RESEARCH

'..Human attention isn't stable, ever, and it costs us: lives lost when
drivers space out, billions of dollars wasted on inefficient work, and
mental disorders that hijack focus. Much of the time, people don't
realize they've stopped paying attention until it's too late. This
"flight of the mind," as Virginia Woolf called it, is often beyond
conscious control...'

Whodunit? In cybercrime, attribution is not easy

'.."Whodunit" is essential to solving crimes. You can't make an arrest or
prosecute a crime if you don't even know who committed it. That makes
"attribution" one of the major challenges of law enforcement. But while
identifying perpetrators is difficult enough in the physical world, it is
even tougher in the cyber world, where the ways for perpetrators to cover
their tracks or make it look like a breach was committed by someone else
are both sophisticated and practically limitless....'

FEW PRIVACY LIMITATIONS EXIST ON HOW POLICE USE DRONES

'...As drones become cheaper and
more capable, more police departments across the country are asking for and
getting federal approval to use them for law enforcement.
But the Federal Aviation Administration only takes safety into consideration
when it grants a law enforcement agency approval to use drones, leaving
privacy protections to legislation, which, depending on the state in question,
may or may not exist....'

CELL CARRIERS SPEND $45B IN AUCTION OF WIRELESS FREQUENCIES

'...Cellular carriers spent
nearly $45 billion in an auction of wireless frequencies, blowing past even
the highest estimates, the Federal Communications Commission announced
Thursday....'

HOW VMWARE PLANS TO CONQUER THE CLOUD MARKET

'...There's a new cloud service offering that has met the government's
standardized cloud computing security requirements, and it's one every
major federal agency IT official will recognize.
VMware, already a known name in virtualization, announced today its
VMware vCloud Government Service has achieved compliance under the
Federal Risk and Authorization Management Program....'

Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in January 2015
Statistics - Sri Lanka CERT|CC

Enabler of Data Agility

'....Enabler of Data Agility How much time does it take between collecting
data and taking meaningful action based upon the insight you are able to
glean from those data? Depending on the technology, it might take a week
to a month or more. Today, of course, we can do better than a week.....'

Cambridge University turns to Intel Xeon Phi chips to meet growing high performance computing demands

'...The University of Cambridge plans to transition high performance
computing (HPC) workloads to Intel's Xeon Phi co-processors to meet
growing demands for parallel processing application, but will also
continue to rely on its Nvidia GPU cluster for certain requirements.....'

IT Management Suite 7.6 and Ghost Solution Suite 3.0 Launch Webcast - March 3

'...The releases of Symantec IT Management Suite 7.6 and Symantec Ghost
Solution Suite 3.0 are rapidly approaching. Please join us for a special
webcast on Tuesday, March 3 to learn about these new solutions and how
they will make your life easier.....'

iOS 9: Apple's desktop-class smartphones

'.....It makes sense for Apple to decelerate the pace of regular feature
introductions and take the time to optimize and improve the many it
already has. It is interesting (and informative) to reflect that the last
time it chose to decelerate feature improvements was when it launched OS X
Snow Leopard in 2009, which introduced a range of under-the-hood
improvements, the biggest being 64-bit support.....'

Chinese Hacking Group Codoso Team Uses Forbes.com As Watering Hole

'....Another day, another cyberespionage campaign attributed to a Chinese
hacking group. Today's newly identified hacking push is a watering hole
attack against Forbes and other targets last November that's been
attributed by iSIGHT Partners and Invincea to likely be the handiwork of a
long-running group they call Codoso Team, but which has also been named as
Sunshop Group. The campaign was made possible by a zero-day attack that
strung together a now-patched Adobe vulnerability with a bypass
vulnerability in Microsoft's ASLR technology for Internet Explorer that
the company patched today....'