For this week’s security assessment, I decided to talk about an article from The Register named “Company insiders behind 1 in 4 data breaches – study.” This article is in response to Verizon’s Data Breach Investigation Report which had shown that 25% of all data breaches a company will experience come from those working inside the organization being motivated by “financial gain, espionage, and simple mistakes or misuse” (Leyden, 2018). The ultimate reason I had choose to talk about this article was because of the surprisingly high numbers of the data that was being talked about. While I knew that company insiders prove to be a big part of data breaches, I would have never guessed the number would have been as high as 25%. Another fact that jumped out at me is espionage being one of the leading factors to doing this. While it was not as high as the financial gain, I found it surprising that espionage was such a major contributor to the problem. This is a hard one to try to prevent as well, as finding an enemy that has legitimately joined your company can be a hard task to do. One of the take aways I got from this article is how we need to make sure proper controls and security measures are in place in company’s networks to make sure that people do not steal information or gain access to something that they should not have had access to. The problem against this is if that a rogue employee already had access to that information because of a legitimate need and then decided to leak it or open up a way for someone to get a hold of it. Proper measures sure be in place that would try to minimize this risk as much as possible.
The article also goes on to explain that ransomware has had a drastic rise in incidents, going up nearly “39 per cent” (Leyden, 2018) over the last several years. This dramatic increase is an indicator that these attacks are working and yielding results to those utilizing them and we should take extra caution when it comes to clicking on suspicious links or messages. A great way to combat these types of attacks as well, as I have written about in the past, is to make regular backups of your system and have a strong anti-virus and anti-spyware software involved. Should your system become infected with a ransomware, you might be able to roll the system back to a time before the attack happened and be safe.
The last bit of striking information this article talked about are the industries that are at the biggest risk. Topping all other industries was education with attacks being motivated by the act of espionage and motivation coming from viewing the activity as “fun.” I found this data to be a bit disturbing on many accounts as purposely harming an education firm or people who are at or enrolled at the school merely for fun is inexcusable. Those who do these activities should be held just as accountable as those who do it out of espionage or other reasons. These kinds of attacks should never be utilized for fun.
Sources Cited:
Leyden, J. (2018, April 10). Company insiders behind 1 in 4 data breaches – study. Retrieved April 10, 2018, from https://www.theregister.co.uk/2018/04/10/verizon_dbir/
No comments:
Post a Comment