A recent Data Breach Investigation Report (DBIR) from Verizon notes that 98% of data breaches stemmed from external sources using hacking techniques (81%) and malware (69%). About 79% of the data breaches were directed at “targets of opportunity”, typically smaller organizations that are vulnerable through an “exploitable weakness”; most attacks were performed using relatively unsophisticated methods.
Of the breaches investigated, 94% involved computer-network servers; 85% took weeks or longer to discover. Of those discovered, “97% were avoidable through simple or intermediate controls”.
Wade Baker, Verizon’s security research director, told London’s The Inquirer that cyber-criminals target small and mid-sized organizations since larger enterprises are well defended.
- Scan emails for malware and threats
- Require complex passwords that change frequently
- Restrict access-control and review event logs periodically
- Deploy a physical firewall and maintain/update it periodically
- Restrict web-surfing, especially on computers with access to sensitive data
- Install malware-prevention software, update it continuously, and scan often
- Train employees on proper security policies and common threats
(Note: These are areas where Bryley Systems can help; please call us at 978.562.6077 or email Info@Bryley.com.)
See CSO’s Thwarted by Security at enterprises, cyber criminals target SMBs for comments and suggestions.