Staff are biggest threat to finance firms' data
Insiders represent the greatest threat to the secure data of financial services firms, according to the latest Verizon Business Data Breach report.
This marks a strong contrast with companies in other sectors, such as high tech services, food and beverage, and retail, which saw business partners as posing the greatest risk to their data.
Deceit and misuse of data represented the main type of attack against finance firms, where complex attacks often took weeks to discover - although this was faster than in other industries.
In high tech services, many of the firms actually had problems keeping track of information systems, Verizon said. Insider misuse was hard to control where so many workers had high level system access.
Web applications and remote access connections at retailers were frequently targeted. Discovery of the attacks was slow, with retailers largely reliant on third parties.
Remote access connections were frequently targeted at food and beverage firms, where attackers attempted to gain access to payment card data. The attacks tended to rely on pre security con figurations, and took a long time to discover, Verizon said.
Dr Peter Tippett, VP research and intelligence at Verizon Business Security Solutions, said: "Understanding what happens when a data breach occurs is critical to proactive prevention." It was crucial not to forget the basics, from proper security planning to data monitoring, he said.
In July, Verizon found that nearly nine in ten data breaches could have been avoided by taking what it called "reasonable" security measures.
» posted by ITworld staff
Computerworld UK
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
data breach
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Data Theft and Breaches - A Solution?
These data breaches and thefts are due to a lagging business culture. I found some fresh and original thinking from the author of “IT Wars” - http://www.businessforum.com/DScott_02.html - I urge every business person and IT person, management or staff, to get hold of a copy of "I.T. Wars: Managing the Business-Technology Weave in the New Millennium." It has an excellent chapter on security, and how to scale security for any organization, any budget. It also has a plan template with all considerations. Our CEO has read this book. Our project managers have read it. Our vendors are required to read it (they can borrow our copies if they don't want to purchase it) – it helps them to understand our values and practices. Any agencies that wish to partner with us: We ask that they read it. Do yourself a favor and read this book – BEFORE you suffer a breach.